RHSA-2026:3559

Vulnerability from csaf_redhat - Published: 2026-03-02 17:03 - Updated: 2026-03-05 06:37
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14

Notes

Topic
Red Hat OpenShift Service Mesh 2.6.14

This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh 2.6.14, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.

Security Fix(es):
* istio-operator-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)
* istio-cni-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)
* pilot-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)
* ratelimit-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)
* istio-operator-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* istio-cni-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* pilot-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* ratelimit-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* istio-operator-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)
* istio-cni-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)
* pilot-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)
* ratelimit-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)
* istio-operator-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* istio-cni-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* pilot-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* ratelimit-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* istio-operator-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* istio-cni-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* pilot-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* ratelimit-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Service Mesh 2.6.14\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Service Mesh 2.6.14, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n* istio-operator-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* istio-cni-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* pilot-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* ratelimit-rhel8: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* istio-operator-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* istio-cni-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* pilot-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* ratelimit-rhel8: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* istio-operator-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)\n\n* istio-cni-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)\n\n* pilot-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)\n\n* ratelimit-rhel8: cmd/go: Arbitrary file write via malicious pkg-config directive (CVE-2025-61731)\n\n* istio-operator-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* istio-cni-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* pilot-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* ratelimit-rhel8: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* istio-operator-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* istio-cni-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* pilot-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* ratelimit-rhel8: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:3559",
        "url": "https://access.redhat.com/errata/RHSA-2026:3559"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61728"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61731",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61731"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61732",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61732"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
        "url": "https://access.redhat.com/security/cve/CVE-2025-68121"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-61726",
        "url": "https://access.redhat.com/security/cve/cve-2025-61726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-61728",
        "url": "https://access.redhat.com/security/cve/cve-2025-61728"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-61731",
        "url": "https://access.redhat.com/security/cve/cve-2025-61731"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-61732",
        "url": "https://access.redhat.com/security/cve/cve-2025-61732"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/cve-2025-68121",
        "url": "https://access.redhat.com/security/cve/cve-2025-68121"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification",
        "url": "https://access.redhat.com/security/updates/classification"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3559.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14",
    "tracking": {
      "current_release_date": "2026-03-05T06:37:14+00:00",
      "generator": {
        "date": "2026-03-05T06:37:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.2"
        }
      },
      "id": "RHSA-2026:3559",
      "initial_release_date": "2026-03-02T17:03:40+00:00",
      "revision_history": [
        {
          "date": "2026-03-02T17:03:40+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-03-02T17:03:48+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-05T06:37:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Service Mesh 2.6",
                "product": {
                  "name": "Red Hat OpenShift Service Mesh 2.6",
                  "product_id": "Red Hat OpenShift Service Mesh 2.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Service Mesh"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-operator-bundle@sha256%3A63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1772089464"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256%3A57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992208"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256%3A00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992528"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-rhel8-operator@sha256%3Adcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992461"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256%3A3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992212"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256%3A84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992437"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256%3Af0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992208"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256%3A66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992528"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-rhel8-operator@sha256%3A3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992461"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256%3Ae84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992212"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
                  "product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256%3A5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992437"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256%3Ac4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992208"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256%3A0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992528"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-rhel8-operator@sha256%3Af62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992461"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256%3A5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992212"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
                  "product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256%3A79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992437"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256%3Aee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992208"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256%3Aed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992528"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-rhel8-operator@sha256%3A9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992461"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256%3A8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992212"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
                "product": {
                  "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
                  "product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256%3A1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1771992437"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
          "product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        },
        "product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-61726",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-01-28T20:01:42.791305+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2434432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "RHBZ#2434432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/736712",
          "url": "https://go.dev/cl/736712"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77101",
          "url": "https://go.dev/issue/77101"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
          "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4341",
          "url": "https://pkg.go.dev/vuln/GO-2026-4341"
        }
      ],
      "release_date": "2026-01-28T19:30:31.215000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-02T17:03:40+00:00",
          "details": "See Red Hat OpenShift Service Mesh 2.6.14 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3559"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
    },
    {
      "cve": "CVE-2025-61728",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-01-28T20:01:39.965024+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2434431"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, an attacker needs to get an application that uses the archive/zip package to process a malicious zip archive. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. For these reasons, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61728"
        },
        {
          "category": "external",
          "summary": "RHBZ#2434431",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/736713",
          "url": "https://go.dev/cl/736713"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77102",
          "url": "https://go.dev/issue/77102"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
          "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4342",
          "url": "https://pkg.go.dev/vuln/GO-2026-4342"
        }
      ],
      "release_date": "2026-01-28T19:30:31.354000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-02T17:03:40+00:00",
          "details": "See Red Hat OpenShift Service Mesh 2.6.14 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3559"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
    },
    {
      "cve": "CVE-2025-61731",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2026-01-28T20:01:45.587773+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2434433"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the \u0027#cgo pkg-config:\u0027 directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a \u0027--log-file\u0027 argument to the pkg-config command. This vulnerability can lead to arbitrary file write.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is Important rather than Moderate because compiling a malicious Go source file can cause `pkg-config` to create or append data to files at attacker-chosen locations, subject to the permissions of the build user. This can enable unintended filesystem modifications during the build process, which can lead to broken builds, alter tool behavior, and poison caches or artifacts, even without direct code execution.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61731"
        },
        {
          "category": "external",
          "summary": "RHBZ#2434433",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434433"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61731",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/736711",
          "url": "https://go.dev/cl/736711"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77100",
          "url": "https://go.dev/issue/77100"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
          "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4339",
          "url": "https://pkg.go.dev/vuln/GO-2026-4339"
        }
      ],
      "release_date": "2026-01-28T19:30:30.844000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-02T17:03:40+00:00",
          "details": "See Red Hat OpenShift Service Mesh 2.6.14 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
          "product_ids": [
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3559"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cmd/go: Arbitrary file write via malicious pkg-config directive"
    },
    {
      "cve": "CVE-2025-61732",
      "discovery_date": "2026-02-05T05:00:47.678207+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2437016"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cmd/cgo: Potential code smuggling via doc comments in cmd/cgo",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61732"
        },
        {
          "category": "external",
          "summary": "RHBZ#2437016",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/734220",
          "url": "https://go.dev/cl/734220"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/76697",
          "url": "https://go.dev/issue/76697"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
          "url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4433",
          "url": "https://pkg.go.dev/vuln/GO-2026-4433"
        }
      ],
      "release_date": "2026-02-05T03:42:26.392000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-02T17:03:40+00:00",
          "details": "See Red Hat OpenShift Service Mesh 2.6.14 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
          "product_ids": [
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3559"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cmd/cgo: Potential code smuggling via doc comments in cmd/cgo"
    },
    {
      "cve": "CVE-2025-68121",
      "discovery_date": "2026-02-05T18:01:30.086058+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2437111"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/tls: Unexpected session resumption in crypto/tls",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
          "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "RHBZ#2437111",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/737700",
          "url": "https://go.dev/cl/737700"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77217",
          "url": "https://go.dev/issue/77217"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
          "url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4337",
          "url": "https://pkg.go.dev/vuln/GO-2026-4337"
        }
      ],
      "release_date": "2026-02-05T17:48:44.141000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-02T17:03:40+00:00",
          "details": "See Red Hat OpenShift Service Mesh 2.6.14 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
          "product_ids": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3559"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:00b06379319a10eab80e4287dfb4ca280bcdc225857eda09aab019912df266cc_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:0c6a12c583d7dd62540e4ecc34a805e8ae69bd3e0db36d665440abb87dd90b6f_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:66c71452d031ef9b5b99b6ee124babfed74ed9ef8697a07e237e4d67a1dc197f_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:ed1bd8e74eb84fe2cb11227bf4483244d48b9e396ba209b2682bbf297ddacce3_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:57bfa19df7cd8c94c9a1887195fa14583ec95607c65ab1a37ed36e515bf015d6_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:c4d28d0365c81b302827338e517aa7b97e4e234f3e2b611035316162c2eed77c_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:ee2fe46057b423f7352037f0203357a3d7d2ccbcb87d51cdab200121d4315bb7_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f0b58a20ccb618c10f3bb362d6864f32d745706e351a987542c53105a88378f4_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:63ac3cee1a38f321dbdcb26e9b8bc4300bfe76bc38cb636004b91623c75aff86_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:3462c8c5f48bce1a0b67fb91b9ec2addf658351ad2d0b2a83b508c62de326b9a_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9920d110f9e91ac94bb68329ade74f6ff4cb12bc836cf26c3784a128e5740b23_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:dcbb2fdf5a578754156453c39006056aa42b22ec3a91b47a196939f5371d2884_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:f62c529feebed0564ff70d317058d08bfb48429d997c941f89c9abd4b41cb040_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:3b963918db39c3a29370452c4d2412a5590ebc0b0ed05528c6c1749550f16883_amd64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:5b86898fbbd6d700a925c55b3f25b0c965e34f41a6af6cbb197107ff19f8056d_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:8c2943d00fde9270625caee1e36e6b49e0880352ecaa39a35bad7f2955801615_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:e84615cc4becd27ace58a15c20c791cdff22d3e4ce267c73606bdcb36ff99f79_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:1f004a30a398677b3f7293ffe4afbf0a172179ab18336b3176fe70f4c8a1f77b_s390x",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:5024ef5bf24b002920ef504f7dd81cc1f6a92bf9e99769ff9d6d7a2390ee69fb_arm64",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:79176bc3c4edbe030c867a9e68cf86fdd98ba645a85faaa18e39b313530c3456_ppc64le",
            "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:84cac542d17180bc2103b553b8aa695668e9593d8f3c120ac6cf84af3843be2e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/tls: Unexpected session resumption in crypto/tls"
    }
  ]
}

