Vulnerability-Lookup

RHSA-2026:26411

Vulnerability from csaf_redhat - Published: 2026-06-16 16:32 - Updated: 2026-06-27 14:39

Summary

Red Hat Security Advisory: New container image: rhceph-9.0

Severity

Important

Notes

Topic: A new version of Red Hat build of Ceph Storage has been released

Details: The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 9.0. This release updates to the latest version.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-55565

A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x		—

Threats

Impact Moderate

CVE-2025-47913

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x	—	Workaround

Threats

Impact Important

CVE-2025-47914

A flaw was found in the SSH Agent servers component (golang.org/x/crypto/ssh/agent). This vulnerability allows a remote attacker to cause a denial of service (DoS) by sending a specially crafted, malformed message during new identity requests. The server fails to validate the size of these messages, leading to an out-of-bounds read that can cause the program to panic and terminate.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-125 - Out-of-bounds Read

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x		—

Threats

Impact Moderate

CVE-2025-58181

A flaw was found in golang.org/x/crypto/ssh. An attacker can exploit this vulnerability by sending specially crafted GSSAPI (Generic Security Service Application Program Interface) authentication requests to an SSH (Secure Shell) server. The server fails to validate the number of mechanisms specified in these requests, leading to unbounded memory consumption. This can result in a Denial of Service (DoS), making the SSH server unavailable to legitimate users.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Vendor Fix fix

Known not affected 24 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64		—
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x		—

Threats

Impact Moderate

CVE-2025-59343

A symlink validation bypass flaw has been discovered in the npm tar-fs library. Affected versions are vulnerable to a symlink validation bypass if the destination directory is predictable with a specific tarball.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x	—	Workaround

Threats

Impact Important

CVE-2025-64718

A prototype pollution flaw has been discovered in the js-yaml npm library. It's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (__proto__). All users who parse untrusted yaml documents may be impacted.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x	—	Workaround

Threats

Impact Moderate

CVE-2025-64756

A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x	—	Vendor Fix fix Workaround

Known not affected 24 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x	—	Workaround

Threats

Impact Important

References

59 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:26411	self
https://access.redhat.com/security/cve/CVE-2024-55565	external
https://access.redhat.com/security/cve/CVE-2025-47913	external
https://access.redhat.com/security/cve/CVE-2025-47914	external
https://access.redhat.com/security/cve/CVE-2025-58181	external
https://access.redhat.com/security/cve/CVE-2025-59343	external
https://access.redhat.com/security/cve/CVE-2025-64718	external
https://access.redhat.com/security/cve/CVE-2025-64756	external
https://access.redhat.com/security/updates/classi…	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-55565	self
https://bugzilla.redhat.com/show_bug.cgi?id=2331063	external
https://www.cve.org/CVERecord?id=CVE-2024-55565	external
https://nvd.nist.gov/vuln/detail/CVE-2024-55565	external
https://github.com/ai/nanoid/compare/3.3.7...3.3.8	external
https://github.com/ai/nanoid/pull/510	external
https://github.com/ai/nanoid/releases/tag/5.0.9	external
https://access.redhat.com/security/cve/CVE-2025-47913	self
https://bugzilla.redhat.com/show_bug.cgi?id=2414943	external
https://www.cve.org/CVERecord?id=CVE-2025-47913	external
https://nvd.nist.gov/vuln/detail/CVE-2025-47913	external
https://github.com/advisories/GHSA-hcg3-q754-cr77	external
https://go.dev/cl/700295	external
https://go.dev/issue/75178	external
https://pkg.go.dev/vuln/GO-2025-4116	external
https://access.redhat.com/security/cve/CVE-2025-47914	self
https://bugzilla.redhat.com/show_bug.cgi?id=2416000	external
https://www.cve.org/CVERecord?id=CVE-2025-47914	external
https://nvd.nist.gov/vuln/detail/CVE-2025-47914	external
https://go.dev/cl/721960	external
https://go.dev/issue/76364	external
https://groups.google.com/g/golang-announce/c/w-o…	external
https://pkg.go.dev/vuln/GO-2025-4135	external
https://access.redhat.com/security/cve/CVE-2025-58181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2415997	external
https://www.cve.org/CVERecord?id=CVE-2025-58181	external
https://nvd.nist.gov/vuln/detail/CVE-2025-58181	external
https://go.dev/cl/721961	external
https://go.dev/issue/76363	external
https://pkg.go.dev/vuln/GO-2025-4134	external
https://access.redhat.com/security/cve/CVE-2025-59343	self
https://bugzilla.redhat.com/show_bug.cgi?id=2397901	external
https://www.cve.org/CVERecord?id=CVE-2025-59343	external
https://nvd.nist.gov/vuln/detail/CVE-2025-59343	external
https://github.com/mafintosh/tar-fs/commit/0bd54c…	external
https://github.com/mafintosh/tar-fs/security/advi…	external
https://access.redhat.com/security/cve/CVE-2025-64718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2414854	external
https://www.cve.org/CVERecord?id=CVE-2025-64718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-64718	external
https://github.com/nodeca/js-yaml/commit/383665ff…	external
https://github.com/nodeca/js-yaml/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2025-64756	self
https://bugzilla.redhat.com/show_bug.cgi?id=2415451	external
https://www.cve.org/CVERecord?id=CVE-2025-64756	external
https://nvd.nist.gov/vuln/detail/CVE-2025-64756	external
https://github.com/isaacs/node-glob/commit/47473c…	external
https://github.com/isaacs/node-glob/security/advi…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new version of Red Hat build of Ceph Storage has been released",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 9.0.\nThis release updates to the latest version.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:26411",
        "url": "https://access.redhat.com/errata/RHSA-2026:26411"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
        "url": "https://access.redhat.com/security/cve/CVE-2024-55565"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
        "url": "https://access.redhat.com/security/cve/CVE-2025-47913"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-47914",
        "url": "https://access.redhat.com/security/cve/CVE-2025-47914"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-58181",
        "url": "https://access.redhat.com/security/cve/CVE-2025-58181"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-59343",
        "url": "https://access.redhat.com/security/cve/CVE-2025-59343"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-64718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-64718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
        "url": "https://access.redhat.com/security/cve/CVE-2025-64756"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26411.json"
      }
    ],
    "title": "Red Hat Security Advisory: New container image: rhceph-9.0",
    "tracking": {
      "current_release_date": "2026-06-27T14:39:24+00:00",
      "generator": {
        "date": "2026-06-27T14:39:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2026:26411",
      "initial_release_date": "2026-06-16T16:32:52+00:00",
      "revision_history": [
        {
          "date": "2026-06-16T16:32:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-16T16:33:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-27T14:39:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 9.0",
                "product": {
                  "name": "Red Hat Ceph Storage 9.0",
                  "product_id": "Red Hat Ceph Storage 9.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:9.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
                  "product_id": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alloy-rhel10@sha256%3Ab839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/alloy-rhel10\u0026tag=1781021746"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel10@sha256%3Ab413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel10\u0026tag=1781018768"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Af58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781021473"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel10@sha256%3Aa214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel10\u0026tag=1781018336"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
                  "product_id": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=1781018431"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-9-rhel9@sha256%3Afa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-9-rhel9\u0026tag=1781160401"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel10@sha256%3Ae40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel10\u0026tag=1781017635"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
                  "product_id": "registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alloy-rhel10@sha256%3A6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/alloy-rhel10\u0026tag=1781021746"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel10@sha256%3A10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel10\u0026tag=1781018768"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781021473"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel10@sha256%3A5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel10\u0026tag=1781018336"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
                  "product_id": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3Abe1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=1781018431"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-9-rhel9@sha256%3A1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-9-rhel9\u0026tag=1781160401"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel10@sha256%3A087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel10\u0026tag=1781017635"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alloy-rhel10@sha256%3A4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/alloy-rhel10\u0026tag=1781021746"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel10@sha256%3Aed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel10\u0026tag=1781018768"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781021473"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel10@sha256%3A498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel10\u0026tag=1781018336"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=1781018431"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-9-rhel9@sha256%3A8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-9-rhel9\u0026tag=1781160401"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel10@sha256%3A94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel10\u0026tag=1781017635"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
                  "product_id": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alloy-rhel10@sha256%3Ab1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/alloy-rhel10\u0026tag=1781021746"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel10@sha256%3Af73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel10\u0026tag=1781018768"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781021473"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel10@sha256%3A41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel10\u0026tag=1781018336"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
                  "product_id": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=1781018431"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
                  "product_id": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-9-rhel9@sha256%3Ab73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-9-rhel9\u0026tag=1781160401"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel10@sha256%3Ae5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel10\u0026tag=1781017635"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64 as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x as a component of Red Hat Ceph Storage 9.0",
          "product_id": "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 9.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-55565",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-12-09T02:00:45.255738+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2331063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nanoid: nanoid mishandles non-integer values",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "RHBZ#2331063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
          "url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/pull/510",
          "url": "https://github.com/ai/nanoid/pull/510"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
          "url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
        }
      ],
      "release_date": "2024-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nanoid: nanoid mishandles non-integer values"
    },
    {
      "cve": "CVE-2025-47913",
      "discovery_date": "2025-11-13T22:01:26.092452+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2414943"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "RHBZ#2414943",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
          "url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/700295",
          "url": "https://go.dev/cl/700295"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/75178",
          "url": "https://go.dev/issue/75178"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4116",
          "url": "https://pkg.go.dev/vuln/GO-2025-4116"
        }
      ],
      "release_date": "2025-11-13T21:29:39.907000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
    },
    {
      "cve": "CVE-2025-47914",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-11-19T21:01:06.202641+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2416000"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH Agent servers component (golang.org/x/crypto/ssh/agent). This vulnerability allows a remote attacker to cause a denial of service (DoS) by sending a specially crafted, malformed message during new identity requests. The server fails to validate the size of these messages, leading to an out-of-bounds read that can cause the program to panic and terminate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Moderate for Red Hat products. The golang.org/x/crypto/ssh/agent library, when used in SSH Agent servers, does not properly validate the size of messages during new identity requests. A specially crafted malformed message can lead to an out-of-bounds read, causing the program to panic and resulting in a denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-47914"
        },
        {
          "category": "external",
          "summary": "RHBZ#2416000",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416000"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-47914",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/721960",
          "url": "https://go.dev/cl/721960"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/76364",
          "url": "https://go.dev/issue/76364"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA",
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4135",
          "url": "https://pkg.go.dev/vuln/GO-2025-4135"
        }
      ],
      "release_date": "2025-11-19T20:33:43.126000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages"
    },
    {
      "cve": "CVE-2025-58181",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-11-19T21:00:50.197590+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2415997"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. An attacker can exploit this vulnerability by sending specially crafted GSSAPI (Generic Security Service Application Program Interface) authentication requests to an SSH (Secure Shell) server. The server fails to validate the number of mechanisms specified in these requests, leading to unbounded memory consumption. This can result in a Denial of Service (DoS), making the SSH server unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Moderate for Red Hat. SSH servers utilizing `golang.org/x/crypto/ssh` and configured to process GSSAPI authentication requests are susceptible to unbounded memory consumption. An attacker can exploit this by sending specially crafted GSSAPI authentication requests, potentially leading to a denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-58181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2415997",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415997"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-58181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/721961",
          "url": "https://go.dev/cl/721961"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/76363",
          "url": "https://go.dev/issue/76363"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA",
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4134",
          "url": "https://pkg.go.dev/vuln/GO-2025-4134"
        }
      ],
      "release_date": "2025-11-19T20:33:42.795000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication"
    },
    {
      "cve": "CVE-2025-59343",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-09-24T18:01:19.612438+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2397901"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A symlink validation bypass flaw has been discovered in the npm tar-fs library. Affected versions are vulnerable to a symlink validation bypass if the destination directory is predictable with a specific tarball.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tar-fs: tar-fs symlink validation bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "RHBZ#2397901",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397901"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59343",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09",
          "url": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v",
          "url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v"
        }
      ],
      "release_date": "2025-09-24T17:43:34.728000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tar-fs: tar-fs symlink validation bypass"
    },
    {
      "cve": "CVE-2025-64718",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "discovery_date": "2025-11-13T16:01:24.744054+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2414854"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A prototype pollution flaw has been discovered in the js-yaml npm library. It\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (__proto__). All users who parse untrusted yaml documents may be impacted.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "js-yaml: js-yaml prototype pollution in merge",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2414854",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414854"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64718"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879",
          "url": "https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m",
          "url": "https://github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m"
        }
      ],
      "release_date": "2025-11-13T15:32:44.634000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "js-yaml: js-yaml prototype pollution in merge"
    },
    {
      "cve": "CVE-2025-64756",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2025-11-17T18:01:28.077927+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2415451"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.\n\nThis flaw is present in the command line interface of the nodejs-glob package. When the package is used by npm, the command line interface is not used at all, so it cannot be triggered. However, the command line interface implementation is still present on the system, but not directly exposed to the user\u0027s $PATH. To reflect this condition, nodejs packages have been rated with a low severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
          "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "RHBZ#2415451",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
          "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
        },
        {
          "category": "external",
          "summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
          "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
        }
      ],
      "release_date": "2025-11-17T17:29:08.029000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-16T16:32:52+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26411"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
          "product_ids": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:4275a746d036f4a674f2a41c584d1061160392818c0bf47f1e831034654c3c26_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:6cc5bc1fe92aecfb16bb3b6ccf833d06dc4484f8f7c9ffb7bedc3b3e49ace7b6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b1c91e9df4b0bb9437394b92444480d6417a39bb46c8474d8c8027ab01732ca4_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/alloy-rhel10@sha256:b839e918e2b695ee22e954273f016c6ecdebc1f6048e538560b7162f21f9b83a_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:10d6f4417f63579b5ad0c2642e68049bf4b0cbc07393f05f5ccd6d93ad9b4551_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:b413d37ad30595df599c3aa8c7dbfad08acc6fa9a59e5300d6e66746d0ed7c92_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:ed69dc576cf04d5ed270a4a271aa89a5476b46d58a85c937f1c63d6680b08b73_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/grafana-rhel10@sha256:f73c95e3c84116b5fb7320af22e69d252df69d4559f4ce7bdfd59f42902338c7_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:41e5ab72e781b1baa72b7158b2fb6af247c52042f828b496a15ff78adde413a3_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:498e05a439ac63b3a42882dd908d086078f697ff8c29dc2effedec8b26dd6521_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:5b0ca20174d1c6cdb3229bf625a906acf64509575c3092895e341ec301c5e92e_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/keepalived-rhel10@sha256:a214782e432451ca21a5042abd90bf44c57ed01563dfa4d1b81ef72f38ef2265_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:09758d53ef928e8740a95a31572462681a0f70c1c2a6eaa6a72a45fddf4538b7_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:5f4554659280456cba1fb0078dceb46964a9759f1c5ec0a8fa5d4a6f2bc4889f_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:8afff49beebd4fd88ccf687a421bca80c6d3295a38ef9fcef92ab2049d5f78db_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/oauth2-proxy-rhel9@sha256:be1e659b4f556e0dd65aa36141fa4ab940c5bdee4cf96e1425addb95330c9a09_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:1eb37889b6fd96e9bb95257e30918212f290caf50d9dbe76b6e46af067cdeda6_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:8705162c817322ffdabfee74c5fec3ce4f37be667f46634981cb66db0354ef10_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:b73e4453cb4a353d458ce8fe0641dfd1314ba383d836f1631e0cca5d9ffdca4e_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-9-rhel9@sha256:fa557386c42c9144dcef16957fc0f02b6e631d037cb982c70a043ce11d760556_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:01f59a1b847d03122126fb3db62daa1e924d2bed5da9506061013800085c100b_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:10ed1c8ea558924ddfa1d3ab6a43d34a6edd16e09dac44d593487bc22b2fc7fc_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:94f30db2064d0d62776af04715a67f90d3fb852855c123eff51285122e296328_s390x",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f58c4b24482819abd2cb67f30d3e1034d61dd85a043f76bc3f487e48941bd201_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:087c99d8838e9c2bd9a298fc320e954ea27203bbceaced070930c87f8a6581a8_arm64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:94a7dea2910f1f440c42c143f930886b529b00a3d6a0eab08d06596f157977a9_ppc64le",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e40d93d9d76fe8aa344905015d75ae13f94622f6e64de432b73af1930136f8de_amd64",
            "Red Hat Ceph Storage 9.0:registry.redhat.io/rhceph/snmp-notifier-rhel10@sha256:e5244c1382ad165701a9e156618d8452d78e70675d33668cbdaf6d93f99a58f1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
    }
  ]
}

CVE-2024-55565 (GCVE-0-2024-55565)

Vulnerability from cvelistv5 – Published: 2024-12-09 00:00 – Updated: 2025-11-03 22:32

Summary

nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Assigner

mitre

References

5 references

URL	Tags
https://github.com/ai/nanoid/pull/510
https://github.com/ai/nanoid/releases/tag/5.0.9
https://github.com/ai/nanoid/compare/3.3.7...3.3.8
https://lists.debian.org/debian-lts-announce/2025…
https://lists.debian.org/debian-lts-announce/2024…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-55565",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T17:19:45.458962Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-835",
                "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T18:50:58.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:32:41.164Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00006.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-09T01:18:23.874Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ai/nanoid/pull/510"
        },
        {
          "url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
        },
        {
          "url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-55565",
    "datePublished": "2024-12-09T00:00:00.000Z",
    "dateReserved": "2024-12-09T00:00:00.000Z",
    "dateUpdated": "2025-11-03T22:32:41.164Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-47913 (GCVE-0-2025-47913)

Vulnerability from cvelistv5 – Published: 2025-11-13 21:29 – Updated: 2025-12-16 16:43

Title

Potential denial of service in golang.org/x/crypto/ssh/agent

Summary

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-703 - Improper Handling of Exceptional Conditions

Assigner

References

4 references

URL	Tags
https://go.dev/cl/700295
https://go.dev/issue/75178
https://github.com/advisories/GHSA-56w8-48fp-6mgv
https://pkg.go.dev/vuln/GO-2025-4116

Impacted products

1 product

Vendor	Product	Version
golang.org/x/crypto	golang.org/x/crypto/ssh/agent	Affected: 0 , < 0.43.0 (semver)

Credits

Jakub Ciolek Nicola Murino

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-13T21:47:44.206349Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-13T21:47:50.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh/agent",
          "product": "golang.org/x/crypto/ssh/agent",
          "programRoutines": [
            {
              "name": "client.SignWithFlags"
            },
            {
              "name": "client.List"
            },
            {
              "name": "agentKeyringSigner.Sign"
            },
            {
              "name": "agentKeyringSigner.SignWithAlgorithm"
            },
            {
              "name": "client.Sign"
            },
            {
              "name": "client.Signers"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.43.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        },
        {
          "lang": "en",
          "value": "Nicola Murino"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-703: Improper Handling of Exceptional Conditions",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-16T16:43:43.633Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/700295"
        },
        {
          "url": "https://go.dev/issue/75178"
        },
        {
          "url": "https://github.com/advisories/GHSA-56w8-48fp-6mgv"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4116"
        }
      ],
      "title": "Potential denial of service in golang.org/x/crypto/ssh/agent"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-47913",
    "datePublished": "2025-11-13T21:29:39.907Z",
    "dateReserved": "2025-05-13T23:31:29.597Z",
    "dateUpdated": "2025-12-16T16:43:43.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-47914 (GCVE-0-2025-47914)

Vulnerability from cvelistv5 – Published: 2025-11-19 20:33 – Updated: 2025-11-20 17:15

Title

Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent

Summary

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-237
CWE-125 - Out-of-bounds Read

Assigner

References

4 references

URL	Tags
https://groups.google.com/g/golang-announce/c/w-o…
https://go.dev/cl/721960
https://go.dev/issue/76364
https://pkg.go.dev/vuln/GO-2025-4135

Impacted products

1 product

Vendor	Product	Version
golang.org/x/crypto	golang.org/x/crypto/ssh/agent	Affected: 0 , < 0.45.0 (semver)

Credits

Jakub Ciolek

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47914",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T20:50:27.263405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T20:50:30.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh/agent",
          "product": "golang.org/x/crypto/ssh/agent",
          "programRoutines": [
            {
              "name": "parseConstraints"
            },
            {
              "name": "ForwardToAgent"
            },
            {
              "name": "ServeAgent"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.45.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-237",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T17:15:00.344Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "url": "https://go.dev/cl/721960"
        },
        {
          "url": "https://go.dev/issue/76364"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4135"
        }
      ],
      "title": "Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-47914",
    "datePublished": "2025-11-19T20:33:43.126Z",
    "dateReserved": "2025-05-13T23:31:29.597Z",
    "dateUpdated": "2025-11-20T17:15:00.344Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-58181 (GCVE-0-2025-58181)

Vulnerability from cvelistv5 – Published: 2025-11-19 20:33 – Updated: 2025-11-20 17:14

Title

Unbounded memory consumption in golang.org/x/crypto/ssh

Summary

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-1284
CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

References

4 references

URL	Tags
https://groups.google.com/g/golang-announce/c/w-o…
https://go.dev/cl/721961
https://go.dev/issue/76363
https://pkg.go.dev/vuln/GO-2025-4134

Impacted products

1 product

Vendor	Product	Version
golang.org/x/crypto	golang.org/x/crypto/ssh	Affected: 0 , < 0.45.0 (semver)

Credits

Jakub Ciolek

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58181",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T20:49:06.918113Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T20:49:26.800Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "parseGSSAPIPayload"
            },
            {
              "name": "NewServerConn"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.45.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-1284",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T17:14:59.856Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "url": "https://go.dev/cl/721961"
        },
        {
          "url": "https://go.dev/issue/76363"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4134"
        }
      ],
      "title": "Unbounded memory consumption in golang.org/x/crypto/ssh"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-58181",
    "datePublished": "2025-11-19T20:33:42.795Z",
    "dateReserved": "2025-08-27T14:50:58.691Z",
    "dateUpdated": "2025-11-20T17:14:59.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59343 (GCVE-0-2025-59343)

Vulnerability from cvelistv5 – Published: 2025-09-24 17:43 – Updated: 2025-11-03 18:13

Title

tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball

Summary

tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific tarball. This issue has been patched in version 3.1.1, 2.1.4, and 1.16.6. A workaround involves using the ignore option on non files/directories.

Severity

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-61 - UNIX Symbolic Link (Symlink) Following

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/mafintosh/tar-fs/security/advi…	x_refsource_CONFIRM
https://github.com/mafintosh/tar-fs/commit/0bd54c…	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

1 product

Vendor	Product	Version
mafintosh	tar-fs	Affected: >= 3.0.0, < 3.1.1 Affected: >= 2.0.0, < 2.1.3 Affected: < 1.16.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59343",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T14:49:04.310765Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T14:49:06.790Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T18:13:55.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tar-fs",
          "vendor": "mafintosh",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 3.1.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.0.0, \u003c 2.1.3"
            },
            {
              "status": "affected",
              "version": "\u003c 1.16.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific tarball. This issue has been patched in version 3.1.1, 2.1.4, and 1.16.6. A workaround involves using the ignore option on non files/directories."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-61",
              "description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-24T17:43:34.728Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v"
        },
        {
          "name": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09"
        }
      ],
      "source": {
        "advisory": "GHSA-vj76-c3g6-qr5v",
        "discovery": "UNKNOWN"
      },
      "title": "tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59343",
    "datePublished": "2025-09-24T17:43:34.728Z",
    "dateReserved": "2025-09-12T12:36:24.636Z",
    "dateUpdated": "2025-11-03T18:13:55.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64718 (GCVE-0-2025-64718)

Vulnerability from cvelistv5 – Published: 2025-11-13 15:32 – Updated: 2026-01-29 22:08

Title

js-yaml has prototype pollution in merge (<<)

Summary

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Assigner

GitHub_M

References

5 references

URL	Tags
https://github.com/nodeca/js-yaml/security/adviso…	x_refsource_CONFIRM
https://github.com/nodeca/js-yaml/issues/730#issu…	x_refsource_MISC
https://github.com/nodeca/js-yaml/commit/383665ff…	x_refsource_MISC
https://github.com/nodeca/js-yaml/commit/5278870a…	x_refsource_MISC
https://github.com/advisories/GHSA-mh29-5h37-fv8m

Impacted products

1 product

Vendor	Product	Version
nodeca	js-yaml	Affected: >= 4.0.0, < 4.1.1 Affected: < 3.14.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64718",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-13T16:18:01.997938Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-13T16:18:39.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-21T14:38:16.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/advisories/GHSA-mh29-5h37-fv8m"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "js-yaml",
          "vendor": "nodeca",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.0, \u003c 4.1.1"
            },
            {
              "status": "affected",
              "version": "\u003c 3.14.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1321",
              "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-29T22:08:30.431Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m"
        },
        {
          "name": "https://github.com/nodeca/js-yaml/issues/730#issuecomment-3549635876",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nodeca/js-yaml/issues/730#issuecomment-3549635876"
        },
        {
          "name": "https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879"
        },
        {
          "name": "https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266"
        }
      ],
      "source": {
        "advisory": "GHSA-mh29-5h37-fv8m",
        "discovery": "UNKNOWN"
      },
      "title": "js-yaml has prototype pollution in merge (\u003c\u003c)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64718",
    "datePublished": "2025-11-13T15:32:44.634Z",
    "dateReserved": "2025-11-10T14:07:42.922Z",
    "dateUpdated": "2026-01-29T22:08:30.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64756 (GCVE-0-2025-64756)

Vulnerability from cvelistv5 – Published: 2025-11-17 17:29 – Updated: 2025-11-19 02:30

Title

glob CLI: Command injection via -c/--cmd executes matches with shell:true

Summary

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c <command> <patterns> are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/isaacs/node-glob/security/advi…	x_refsource_CONFIRM
https://github.com/isaacs/node-glob/commit/1e4e29…	x_refsource_MISC
https://github.com/isaacs/node-glob/commit/47473c…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
isaacs	node-glob	Affected: >= 10.2.0, < 10.5.0 Affected: >= 11.0.0, < 11.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-17T18:24:55.363466Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-18T16:37:11.917Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-glob",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 10.2.0, \u003c 10.5.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0, \u003c 11.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T02:30:44.520Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
        }
      ],
      "source": {
        "advisory": "GHSA-5j98-mcp5-4vw2",
        "discovery": "UNKNOWN"
      },
      "title": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64756",
    "datePublished": "2025-11-17T17:29:08.029Z",
    "dateReserved": "2025-11-10T22:29:34.874Z",
    "dateUpdated": "2025-11-19T02:30:44.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2026:26411

CVE-2024-55565 (GCVE-0-2024-55565)

CVE-2025-47913 (GCVE-0-2025-47913)

CVE-2025-47914 (GCVE-0-2025-47914)

CVE-2025-58181 (GCVE-0-2025-58181)

CVE-2025-59343 (GCVE-0-2025-59343)

CVE-2025-64718 (GCVE-0-2025-64718)

CVE-2025-64756 (GCVE-0-2025-64756)

Tags

Sightings

Nomenclature