RHSA-2026:40262

Vulnerability from csaf_redhat - Published: 2026-07-15 19:14 - Updated: 2026-07-16 19:42
Summary
Red Hat Security Advisory: Red Hat Quay 3.9.24
Severity
Important
Notes
Topic: Red Hat Quay 3.9.24 is now available with bug fixes.
Details: Quay 3.9.24
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in fast-uri. This vulnerability occurs because fast-uri fails to properly convert Unicode (Internationalized Domain Name - IDN) hostnames for HTTP-family URLs. This can lead to a situation where security policies, such as denylists or redirect validations, are bypassed when applications use fast-uri to enforce these policies before passing the URL to another parser. A remote attacker could exploit this to circumvent security controls and potentially access unauthorized resources or perform malicious redirects.

CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.

CWE-918 - Server-Side Request Forgery (SSRF)
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Threats
Impact Important

A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.

CWE-606 - Unchecked Input for Loop Condition
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.

CWE-1289 - Improper Validation of Unsafe Equivalence in Input
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.

CWE-281 - Improper Preservation of Permissions
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.

CWE-1284 - Improper Validation of Specified Quantity in Input
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.

CWE-772 - Missing Release of Resource after Effective Lifetime
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.

CWE-347 - Improper Verification of Cryptographic Signature
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.

CWE-281 - Improper Preservation of Permissions
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).

CWE-476 - NULL Pointer Dereference
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.

CWE-256 - Plaintext Storage of a Password
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Threats
Impact Important

A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Threats
Impact Important

A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.

CWE-1046 - Creation of Immutable Text Using String Concatenation
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.

CWE-295 - Improper Certificate Validation
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Threats
Impact Important

A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.

CWE-201 - Insertion of Sensitive Information Into Sent Data
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.

CWE-201 - Insertion of Sensitive Information Into Sent Data
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.

CWE-289 - Authentication Bypass by Alternate Name
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in the `sanitize-html` library. Under its default configuration, an attacker can embed malicious content within a disallowed `xmp` element. This vulnerability allows the attacker to bypass the HTML sanitization process, leading to stored Cross-Site Scripting (XSS). Successful exploitation can result in arbitrary code execution or information disclosure when a user views the affected content.

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in the `decode-uri-component` library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by submitting specially crafted input. The `decode()` function, when processing a large number of encoded URI components, consumes excessive CPU resources, which can lead to the application becoming unresponsive and unavailable.

CWE-1050 - Excessive Platform Resource Consumption within a Loop
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.

CWE-681 - Incorrect Conversion between Numeric Types
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64
Workaround
Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x
Workaround
Threats
Impact Important
References
URL Category
https://access.redhat.com/errata/RHSA-2026:40262 self
https://access.redhat.com/security/cve/CVE-2026-12143 external
https://access.redhat.com/security/cve/CVE-2026-13676 external
https://access.redhat.com/security/cve/CVE-2026-32591 external
https://access.redhat.com/security/cve/CVE-2026-39820 external
https://access.redhat.com/security/cve/CVE-2026-39821 external
https://access.redhat.com/security/cve/CVE-2026-39828 external
https://access.redhat.com/security/cve/CVE-2026-39829 external
https://access.redhat.com/security/cve/CVE-2026-39830 external
https://access.redhat.com/security/cve/CVE-2026-39831 external
https://access.redhat.com/security/cve/CVE-2026-39832 external
https://access.redhat.com/security/cve/CVE-2026-39835 external
https://access.redhat.com/security/cve/CVE-2026-42151 external
https://access.redhat.com/security/cve/CVE-2026-42154 external
https://access.redhat.com/security/cve/CVE-2026-42499 external
https://access.redhat.com/security/cve/CVE-2026-42508 external
https://access.redhat.com/security/cve/CVE-2026-44486 external
https://access.redhat.com/security/cve/CVE-2026-44487 external
https://access.redhat.com/security/cve/CVE-2026-44488 external
https://access.redhat.com/security/cve/CVE-2026-44492 external
https://access.redhat.com/security/cve/CVE-2026-44494 external
https://access.redhat.com/security/cve/CVE-2026-44495 external
https://access.redhat.com/security/cve/CVE-2026-44990 external
https://access.redhat.com/security/cve/CVE-2026-45822 external
https://access.redhat.com/security/cve/CVE-2026-46597 external
https://access.redhat.com/security/updates/classi… external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2026-12143 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488480 external
https://www.cve.org/CVERecord?id=CVE-2026-12143 external
https://nvd.nist.gov/vuln/detail/CVE-2026-12143 external
https://cwe.mitre.org/data/definitions/93.html external
https://github.com/form-data/form-data/commit/641… external
https://github.com/form-data/form-data/commit/be3… external
https://github.com/form-data/form-data/commit/c71… external
https://github.com/form-data/form-data/security/a… external
https://html.spec.whatwg.org/multipage/form-contr… external
https://www.npmjs.com/package/form-data external
https://access.redhat.com/security/cve/CVE-2026-13676 self
https://bugzilla.redhat.com/show_bug.cgi?id=2494197 external
https://www.cve.org/CVERecord?id=CVE-2026-13676 external
https://nvd.nist.gov/vuln/detail/CVE-2026-13676 external
https://cna.openjsf.org/security-advisories.html external
https://github.com/fastify/fast-uri/security/advi… external
https://access.redhat.com/security/cve/CVE-2026-32591 self
https://bugzilla.redhat.com/show_bug.cgi?id=2446965 external
https://www.cve.org/CVERecord?id=CVE-2026-32591 external
https://nvd.nist.gov/vuln/detail/CVE-2026-32591 external
https://access.redhat.com/security/cve/CVE-2026-39820 self
https://bugzilla.redhat.com/show_bug.cgi?id=2467820 external
https://www.cve.org/CVERecord?id=CVE-2026-39820 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39820 external
https://go.dev/cl/759940 external
https://go.dev/issue/78566 external
https://groups.google.com/g/golang-announce/c/qcC… external
https://pkg.go.dev/vuln/GO-2026-4986 external
https://access.redhat.com/security/cve/CVE-2026-39821 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480756 external
https://www.cve.org/CVERecord?id=CVE-2026-39821 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39821 external
https://go.dev/cl/767220 external
https://go.dev/issue/78760 external
https://groups.google.com/g/golang-announce/c/iI-… external
https://pkg.go.dev/vuln/GO-2026-5026 external
https://access.redhat.com/security/cve/CVE-2026-39828 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480687 external
https://www.cve.org/CVERecord?id=CVE-2026-39828 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39828 external
https://go.dev/cl/781621 external
https://go.dev/issue/79562 external
https://groups.google.com/g/golang-announce/c/a08… external
https://pkg.go.dev/vuln/GO-2026-5014 external
https://access.redhat.com/security/cve/CVE-2026-39829 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480681 external
https://www.cve.org/CVERecord?id=CVE-2026-39829 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39829 external
https://go.dev/cl/781641 external
https://go.dev/cl/781661 external
https://go.dev/issue/79565 external
https://pkg.go.dev/vuln/GO-2026-5018 external
https://access.redhat.com/security/cve/CVE-2026-39830 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480684 external
https://www.cve.org/CVERecord?id=CVE-2026-39830 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39830 external
https://go.dev/cl/781640 external
https://go.dev/cl/781664 external
https://go.dev/issue/79564 external
https://pkg.go.dev/vuln/GO-2026-5017 external
https://access.redhat.com/security/cve/CVE-2026-39831 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480675 external
https://www.cve.org/CVERecord?id=CVE-2026-39831 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39831 external
https://go.dev/cl/781662 external
https://go.dev/issue/79566 external
https://pkg.go.dev/vuln/GO-2026-5019 external
https://access.redhat.com/security/cve/CVE-2026-39832 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480685 external
https://www.cve.org/CVERecord?id=CVE-2026-39832 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39832 external
https://go.dev/cl/778642 external
https://go.dev/issue/79435 external
https://pkg.go.dev/vuln/GO-2026-5006 external
https://access.redhat.com/security/cve/CVE-2026-39835 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480680 external
https://www.cve.org/CVERecord?id=CVE-2026-39835 external
https://nvd.nist.gov/vuln/detail/CVE-2026-39835 external
https://go.dev/cl/781660 external
https://go.dev/issue/79563 external
https://pkg.go.dev/vuln/GO-2026-5015 external
https://access.redhat.com/security/cve/CVE-2026-42151 self
https://bugzilla.redhat.com/show_bug.cgi?id=2466507 external
https://www.cve.org/CVERecord?id=CVE-2026-42151 external
https://nvd.nist.gov/vuln/detail/CVE-2026-42151 external
https://github.com/prometheus/prometheus/pull/18587 external
https://github.com/prometheus/prometheus/pull/18590 external
https://github.com/prometheus/prometheus/releases… external
https://github.com/prometheus/prometheus/releases… external
https://github.com/prometheus/prometheus/security… external
https://access.redhat.com/security/cve/CVE-2026-42154 self
https://bugzilla.redhat.com/show_bug.cgi?id=2466505 external
https://www.cve.org/CVERecord?id=CVE-2026-42154 external
https://nvd.nist.gov/vuln/detail/CVE-2026-42154 external
https://github.com/prometheus/prometheus/pull/18584 external
https://github.com/prometheus/prometheus/pull/18585 external
https://github.com/prometheus/prometheus/security… external
https://access.redhat.com/security/cve/CVE-2026-42499 self
https://bugzilla.redhat.com/show_bug.cgi?id=2467809 external
https://www.cve.org/CVERecord?id=CVE-2026-42499 external
https://nvd.nist.gov/vuln/detail/CVE-2026-42499 external
https://go.dev/cl/771520 external
https://go.dev/issue/78987 external
https://pkg.go.dev/vuln/GO-2026-4977 external
https://access.redhat.com/security/cve/CVE-2026-42508 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480688 external
https://www.cve.org/CVERecord?id=CVE-2026-42508 external
https://nvd.nist.gov/vuln/detail/CVE-2026-42508 external
https://go.dev/cl/781220 external
https://go.dev/issue/79568 external
https://pkg.go.dev/vuln/GO-2026-5021 external
https://access.redhat.com/security/cve/CVE-2026-44486 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487947 external
https://www.cve.org/CVERecord?id=CVE-2026-44486 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44486 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44487 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487948 external
https://www.cve.org/CVERecord?id=CVE-2026-44487 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44487 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44488 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487949 external
https://www.cve.org/CVERecord?id=CVE-2026-44488 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44488 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44492 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487938 external
https://www.cve.org/CVERecord?id=CVE-2026-44492 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44492 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44494 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487942 external
https://www.cve.org/CVERecord?id=CVE-2026-44494 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44494 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44495 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487937 external
https://www.cve.org/CVERecord?id=CVE-2026-44495 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44495 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44990 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488565 external
https://www.cve.org/CVERecord?id=CVE-2026-44990 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44990 external
https://github.com/apostrophecms/apostrophe/secur… external
https://access.redhat.com/security/cve/CVE-2026-45822 self
https://bugzilla.redhat.com/show_bug.cgi?id=2494807 external
https://www.cve.org/CVERecord?id=CVE-2026-45822 external
https://nvd.nist.gov/vuln/detail/CVE-2026-45822 external
https://github.com/SamVerschueren/decode-uri-comp… external
https://github.com/SamVerschueren/decode-uri-comp… external
https://www.npmjs.com/package/decode-uri-component external
https://access.redhat.com/security/cve/CVE-2026-46597 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480678 external
https://www.cve.org/CVERecord?id=CVE-2026-46597 external
https://nvd.nist.gov/vuln/detail/CVE-2026-46597 external
https://go.dev/cl/781620 external
https://go.dev/issue/79561 external
https://pkg.go.dev/vuln/GO-2026-5013 external
Acknowledgments
Antony Di Scala Michael Whale

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.9.24 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.9.24",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:40262",
        "url": "https://access.redhat.com/errata/RHSA-2026:40262"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
        "url": "https://access.redhat.com/security/cve/CVE-2026-12143"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-13676",
        "url": "https://access.redhat.com/security/cve/CVE-2026-13676"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32591",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39820"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39821"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39828"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39829"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39830"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39831",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39831"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39832"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
        "url": "https://access.redhat.com/security/cve/CVE-2026-39835"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42151"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42154"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42499"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42508"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44486"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44487"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44488"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44492"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44494"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44495"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44990",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44990"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-45822",
        "url": "https://access.redhat.com/security/cve/CVE-2026-45822"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-46597",
        "url": "https://access.redhat.com/security/cve/CVE-2026-46597"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_40262.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.9.24",
    "tracking": {
      "current_release_date": "2026-07-16T19:42:03+00:00",
      "generator": {
        "date": "2026-07-16T19:42:03+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.6"
        }
      },
      "id": "RHSA-2026:40262",
      "initial_release_date": "2026-07-15T19:14:30+00:00",
      "revision_history": [
        {
          "date": "2026-07-15T19:14:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-07-15T19:14:43+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-07-16T19:42:03+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.9",
                "product": {
                  "name": "Red Hat Quay 3.9",
                  "product_id": "Red Hat Quay 3.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.9::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1783750582"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1783748318"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Acac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1783749906"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1783748068"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1783748468"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1783747952"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Ae7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1783747905"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3A2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1784129592"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1783748131"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Ac9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1784125838"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ae4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1783748318"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1783748068"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Ab6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1783747952"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1783747905"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1783748131"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1784125838"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ac51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1783748318"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1783748068"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Afdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1783747952"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1783747905"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1783748131"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Af8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1784125838"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-12143",
      "cwe": {
        "id": "CWE-93",
        "name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
      },
      "discovery_date": "2026-06-12T19:00:57.360953+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488480"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "form-data: form-data: Form field override via CRLF injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-12143"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488480",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
        },
        {
          "category": "external",
          "summary": "https://cwe.mitre.org/data/definitions/93.html",
          "url": "https://cwe.mitre.org/data/definitions/93.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
          "url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
          "url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
          "url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
          "url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
        },
        {
          "category": "external",
          "summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
          "url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
        },
        {
          "category": "external",
          "summary": "https://www.npmjs.com/package/form-data",
          "url": "https://www.npmjs.com/package/form-data"
        }
      ],
      "release_date": "2026-06-12T18:01:30.362000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "form-data: form-data: Form field override via CRLF injection"
    },
    {
      "cve": "CVE-2026-13676",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2026-06-29T14:01:55.592330+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2494197"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in fast-uri. This vulnerability occurs because fast-uri fails to properly convert Unicode (Internationalized Domain Name - IDN) hostnames for HTTP-family URLs. This can lead to a situation where security policies, such as denylists or redirect validations, are bypassed when applications use fast-uri to enforce these policies before passing the URL to another parser. A remote attacker could exploit this to circumvent security controls and potentially access unauthorized resources or perform malicious redirects.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "fast-uri: fast-uri: Security policy bypass due to improper Unicode hostname canonicalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important flaw in `fast-uri` allows a remote attacker to bypass host-based security policies. Applications that rely on `fast-uri` for URL parsing and policy enforcement, such as denylists or redirect validations, can be circumvented due to inconsistent handling of Unicode hostnames. This discrepancy between `fast-uri` and other URL parsers could lead to unauthorized resource access or malicious redirects in affected Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-13676"
        },
        {
          "category": "external",
          "summary": "RHBZ#2494197",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2494197"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-13676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-13676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-13676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13676"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-4c8g-83qw-93j6",
          "url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-4c8g-83qw-93j6"
        }
      ],
      "release_date": "2026-06-29T13:22:44.674000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "fast-uri: fast-uri: Security policy bypass due to improper Unicode hostname canonicalization"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Antony Di Scala",
            "Michael Whale"
          ]
        }
      ],
      "cve": "CVE-2026-32591",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-03-12T15:09:38.210000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2446965"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Red Hat Quay\u0027s Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Exploitation requires the attacker to be authenticated as an organization administrator.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
        },
        {
          "category": "external",
          "summary": "RHBZ#2446965",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446965"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32591",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32591"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32591",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32591"
        }
      ],
      "release_date": "2026-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration"
    },
    {
      "cve": "CVE-2026-39820",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "discovery_date": "2026-05-07T20:01:27.800929+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2467820"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39820"
        },
        {
          "category": "external",
          "summary": "RHBZ#2467820",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/759940",
          "url": "https://go.dev/cl/759940"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78566",
          "url": "https://go.dev/issue/78566"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
          "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4986",
          "url": "https://pkg.go.dev/vuln/GO-2026-4986"
        }
      ],
      "release_date": "2026-05-07T19:41:19.854000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
    },
    {
      "cve": "CVE-2026-39821",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-05-22T16:00:52.844126+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480756"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39821"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480756",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/767220",
          "url": "https://go.dev/cl/767220"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78760",
          "url": "https://go.dev/issue/78760"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
          "url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5026",
          "url": "https://pkg.go.dev/vuln/GO-2026-5026"
        }
      ],
      "release_date": "2026-05-22T15:01:21.462000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
    },
    {
      "cve": "CVE-2026-39828",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "discovery_date": "2026-05-22T04:01:46.775641+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480687"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39828"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480687",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781621",
          "url": "https://go.dev/cl/781621"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79562",
          "url": "https://go.dev/issue/79562"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5014",
          "url": "https://pkg.go.dev/vuln/GO-2026-5014"
        }
      ],
      "release_date": "2026-05-22T02:31:26.883000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
    },
    {
      "cve": "CVE-2026-39829",
      "cwe": {
        "id": "CWE-1284",
        "name": "Improper Validation of Specified Quantity in Input"
      },
      "discovery_date": "2026-05-22T04:01:30.092249+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480681"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39829"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480681",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781641",
          "url": "https://go.dev/cl/781641"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781661",
          "url": "https://go.dev/cl/781661"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79565",
          "url": "https://go.dev/issue/79565"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5018",
          "url": "https://pkg.go.dev/vuln/GO-2026-5018"
        }
      ],
      "release_date": "2026-05-22T02:31:27.324000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
    },
    {
      "cve": "CVE-2026-39830",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2026-05-22T04:01:38.517202+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480684"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39830"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480684",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781640",
          "url": "https://go.dev/cl/781640"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781664",
          "url": "https://go.dev/cl/781664"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79564",
          "url": "https://go.dev/issue/79564"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5017",
          "url": "https://pkg.go.dev/vuln/GO-2026-5017"
        }
      ],
      "release_date": "2026-05-22T02:31:27.208000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
    },
    {
      "cve": "CVE-2026-39831",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-22T04:01:12.861178+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480675"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39831"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480675",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480675"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39831",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39831"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781662",
          "url": "https://go.dev/cl/781662"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79566",
          "url": "https://go.dev/issue/79566"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5019",
          "url": "https://pkg.go.dev/vuln/GO-2026-5019"
        }
      ],
      "release_date": "2026-05-22T02:31:27.436000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check"
    },
    {
      "cve": "CVE-2026-39832",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "discovery_date": "2026-05-22T04:01:41.402561+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480685"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39832"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480685",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/778642",
          "url": "https://go.dev/cl/778642"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79435",
          "url": "https://go.dev/issue/79435"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5006",
          "url": "https://pkg.go.dev/vuln/GO-2026-5006"
        }
      ],
      "release_date": "2026-05-22T02:31:26.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
    },
    {
      "cve": "CVE-2026-39835",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-05-22T04:01:27.279943+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480680"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-39835"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480680",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781660",
          "url": "https://go.dev/cl/781660"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79563",
          "url": "https://go.dev/issue/79563"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5015",
          "url": "https://pkg.go.dev/vuln/GO-2026-5015"
        }
      ],
      "release_date": "2026-05-22T02:31:26.982000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
    },
    {
      "cve": "CVE-2026-42151",
      "cwe": {
        "id": "CWE-256",
        "name": "Plaintext Storage of a Password"
      },
      "discovery_date": "2026-05-04T19:02:26.983660+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2466507"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42151"
        },
        {
          "category": "external",
          "summary": "RHBZ#2466507",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/pull/18587",
          "url": "https://github.com/prometheus/prometheus/pull/18587"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/pull/18590",
          "url": "https://github.com/prometheus/prometheus/pull/18590"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
          "url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
          "url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
          "url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
        }
      ],
      "release_date": "2026-05-04T18:12:16.917000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
    },
    {
      "cve": "CVE-2026-42154",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-04T19:02:19.626646+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2466505"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important denial of service vulnerability in Prometheus, allowing an unauthenticated remote attacker to crash the Prometheus process. This could lead to service unavailability in Red Hat products that deploy Prometheus for monitoring, as the remote read endpoint does not properly validate snappy-compressed request lengths.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42154"
        },
        {
          "category": "external",
          "summary": "RHBZ#2466505",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/pull/18584",
          "url": "https://github.com/prometheus/prometheus/pull/18584"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/pull/18585",
          "url": "https://github.com/prometheus/prometheus/pull/18585"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
          "url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
          "url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
          "url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
        }
      ],
      "release_date": "2026-05-04T18:13:12.340000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
    },
    {
      "cve": "CVE-2026-42499",
      "cwe": {
        "id": "CWE-1046",
        "name": "Creation of Immutable Text Using String Concatenation"
      },
      "discovery_date": "2026-05-07T20:00:51.685602+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2467809"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42499"
        },
        {
          "category": "external",
          "summary": "RHBZ#2467809",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/771520",
          "url": "https://go.dev/cl/771520"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78987",
          "url": "https://go.dev/issue/78987"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
          "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4977",
          "url": "https://pkg.go.dev/vuln/GO-2026-4977"
        }
      ],
      "release_date": "2026-05-07T19:41:18.615000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
    },
    {
      "cve": "CVE-2026-42508",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2026-05-22T04:01:49.515058+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42508"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781220",
          "url": "https://go.dev/cl/781220"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79568",
          "url": "https://go.dev/issue/79568"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5021",
          "url": "https://pkg.go.dev/vuln/GO-2026-5021"
        }
      ],
      "release_date": "2026-05-22T02:31:27.644000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
    },
    {
      "cve": "CVE-2026-44486",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "discovery_date": "2026-06-11T17:01:30.944384+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487947"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44486"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487947",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
        }
      ],
      "release_date": "2026-06-11T15:39:07.714000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
    },
    {
      "cve": "CVE-2026-44487",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "discovery_date": "2026-06-11T17:01:34.091476+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487948"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44487"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487948",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
        }
      ],
      "release_date": "2026-06-11T15:38:25.150000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
    },
    {
      "cve": "CVE-2026-44488",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-06-11T17:01:36.836488+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487949"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44488"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487949",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
        }
      ],
      "release_date": "2026-06-11T15:37:38.013000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
    },
    {
      "cve": "CVE-2026-44492",
      "cwe": {
        "id": "CWE-289",
        "name": "Authentication Bypass by Alternate Name"
      },
      "discovery_date": "2026-06-11T17:00:56.761751+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487938"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44492"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487938",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
        }
      ],
      "release_date": "2026-06-11T15:29:13.890000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
    },
    {
      "cve": "CVE-2026-44494",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-06-11T17:01:12.945664+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487942"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44494"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487942",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
        }
      ],
      "release_date": "2026-06-11T15:32:03.155000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-44495",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-06-11T17:00:53.999811+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487937"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44495"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487937",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
        }
      ],
      "release_date": "2026-06-11T15:33:12.433000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
    },
    {
      "cve": "CVE-2026-44990",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2026-06-12T21:02:24.911971+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488565"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the `sanitize-html` library. Under its default configuration, an attacker can embed malicious content within a disallowed `xmp` element. This vulnerability allows the attacker to bypass the HTML sanitization process, leading to stored Cross-Site Scripting (XSS). Successful exploitation can result in arbitrary code execution or information disclosure when a user views the affected content.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sanitize-html: `sanitize-html`: Stored Cross-Site Scripting via HTML sanitizer bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important flaw. The `sanitize-html` library, used in Red Hat products, is susceptible to a stored Cross-Site Scripting (XSS) bypass. Malicious content within a disallowed `xmp` element can be rendered as live HTML or JavaScript due to a sanitizer bypass in the default configuration. This can lead to arbitrary code execution or information disclosure when affected content is viewed.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44990"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488565",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488565"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44990",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44990"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44990",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44990"
        },
        {
          "category": "external",
          "summary": "https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-rpr9-rxv7-x643",
          "url": "https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-rpr9-rxv7-x643"
        }
      ],
      "release_date": "2026-06-12T20:39:47.065000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "sanitize-html: `sanitize-html`: Stored Cross-Site Scripting via HTML sanitizer bypass"
    },
    {
      "cve": "CVE-2026-45822",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "discovery_date": "2026-06-30T09:01:06.468966+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2494807"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the `decode-uri-component` library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by submitting specially crafted input. The `decode()` function, when processing a large number of encoded URI components, consumes excessive CPU resources, which can lead to the application becoming unresponsive and unavailable.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "decode-uri-component: decode-uri-component: Denial of Service via crafted input",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A denial of service flaw was found in the decode-uri-component npm package. The decode() function exhibits super-linear time complexity when processing input containing many percent-encoded sequences, allowing an attacker to cause significant CPU consumption and event-loop blocking. In Red Hat products where this package is bundled (OpenShift Console, Quay, Pipelines, RHOAI, and others), exploitation requires that attacker-controlled input containing crafted percent-encoded strings reaches the decode() function without prior length validation. Red Hat rates this as Moderate severity since the impact is limited to availability with no confidentiality or integrity impact, consistent with the CNA\u0027s CVSS 4.0 assessment of 6.6 Medium.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45822"
        },
        {
          "category": "external",
          "summary": "RHBZ#2494807",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2494807"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45822",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45822"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45822",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45822"
        },
        {
          "category": "external",
          "summary": "https://github.com/SamVerschueren/decode-uri-component/blob/00662938dc7c6241547ae8abce7785cc13ffd3f6/index.js",
          "url": "https://github.com/SamVerschueren/decode-uri-component/blob/00662938dc7c6241547ae8abce7785cc13ffd3f6/index.js"
        },
        {
          "category": "external",
          "summary": "https://github.com/SamVerschueren/decode-uri-component/commit/fa479dafeede7bedf04e5c89aa78f2a78c664005",
          "url": "https://github.com/SamVerschueren/decode-uri-component/commit/fa479dafeede7bedf04e5c89aa78f2a78c664005"
        },
        {
          "category": "external",
          "summary": "https://www.npmjs.com/package/decode-uri-component",
          "url": "https://www.npmjs.com/package/decode-uri-component"
        }
      ],
      "release_date": "2026-06-30T08:05:36.399000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Validate and limit the length of any user-controlled input before passing it to decode-uri-component\u0027s decode() function. Inputs containing more than approximately 200 percent-encoded tokens (e.g. \u0027%ab\u0027 sequences) can trigger noticeable delays. Reject or truncate URI components exceeding a reasonable length threshold before decoding. A fix exists in the upstream repository (commit fa479daf) but has not yet been included in an npm release.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "decode-uri-component: decode-uri-component: Denial of Service via crafted input"
    },
    {
      "cve": "CVE-2026-46597",
      "cwe": {
        "id": "CWE-681",
        "name": "Incorrect Conversion between Numeric Types"
      },
      "discovery_date": "2026-05-22T04:01:21.721980+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480678"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important denial of service flaw in `golang.org/x/crypto/ssh` allows a remote attacker to trigger a server-side panic by sending specially crafted inputs to the AES-GCM packet decoder. This vulnerability could lead to service unavailability in Red Hat products that incorporate and expose SSH services built with the affected `golang.org/x/crypto/ssh` component.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-46597"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480678",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480678"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-46597",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-46597"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/781620",
          "url": "https://go.dev/cl/781620"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/79561",
          "url": "https://go.dev/issue/79561"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-5013",
          "url": "https://pkg.go.dev/vuln/GO-2026-5013"
        }
      ],
      "release_date": "2026-05-22T02:31:26.754000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-07-15T19:14:30+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:40262"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:381f3af2c038cb3a0d14191c1a541cc7e9752698ed3980dcd33ee91ef3752517_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:70cf72dcdc1e02b7c7958673e95b92503354c5e5475a1e4fc7ae0f5d3c03fbe0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:e7eeb4f9684e32f8199b792630e21f9f13e5efe7a511664d5777dc1a98fc4207_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cac2255c18f3a8d7e67308b07ea5b3ba0317cf2e2911321b9cc4fba45c4b2583_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3994488939804e50e226f273722d2ad3f3b6aaee6c70e52752cbc8affc36bc52_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:54cfdc97172ce2c4cef1c85b5187c3401aee0e1ba272977d099e12f59d5d4d05_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6bd95b42094007001481b27000ead5c252747f1a79fcf0801030593de163ffaf_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8f4be0a96b74ebe660bd28e9cc15ef9cc56428532fae4ad0f04562726dcc7226_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:6bdc4472dea000261ce7aa6daa850f5e1253ba716de2a247df997aaf158cf20f_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:b6109a8cab187a42f5f9f536fba1be506474eb532ad41d68f937606318e88364_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:fdec2d2556842d4c6cd4feb37243580c6323f16813754aaf02963ba1a23b7e96_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9f2a14e20042280f51bfec86c00ac87a5309c991efc1b8b6f1dd0afb7772c297_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ae9ba588f153ed4ad2e34936867f435cc8271b2858b00c3ce823a773c640a4f6_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c51a3f7d6fc2ea1c26ba1ccfaec660d6f76cb3e656f3d1c0702d14338ded96c8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e4fcfcd95a0db4d1da19ba16146c51237c83129719c5550977391f2978e62ef3_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:2af202af0c417c0b1bebf895cd46b15d4c6daceba48a11217f7c574a01ef5aa0_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:041665ae3ee470107c533393bdf77143d70d020d4670b73b890cbe7794401f62_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:25009b47369d945141850084b0f2f303e72e8137b547de01c7b79c66141a4ad8_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:855d3b6c7ca77ef02aaa029c45e003c80ad9e1f8bd61a7d244ff475b26e6cd98_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:4732513293f2df546416fc805ea717f2b211ebe0fc5a16d8fd2c78c24ad79eba_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c9f851e253fca208fc6dfe8ce468824ae99dfdeb1f9cfe8cb47706a64562701e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f8a741914232bb80b1b3a542ad0ba3392593b4c8f9018a63f11380afdd19ceca_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs"
    }
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…