Search

Find a vulnerability

Search criteria

    339 vulnerabilities found for go by golang

    CVE-2026-42501 (GCVE-0-2026-42501)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 15:48
    VLAI
    Title
    Malicious module proxy can bypass checksum database in cmd/go
    Summary
    A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module's dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running "rm go.sum ; go mod tidy ; go mod verify", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Mundur (https://github.com/M0nd0R)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42501",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T15:48:05.053316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "CWE-347 Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T15:48:47.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mundur (https://github.com/M0nd0R)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.691Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/775321"
            },
            {
              "url": "https://go.dev/issue/79070"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4984"
            }
          ],
          "title": "Malicious module proxy can bypass checksum database in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-42501",
        "datePublished": "2026-05-07T19:41:19.691Z",
        "dateReserved": "2026-04-28T00:21:12.791Z",
        "dateUpdated": "2026-05-08T15:48:47.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42499 (GCVE-0-2026-42499)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Quadratic string concatenation in consumePhrase in net/mail
    Summary
    Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    • CWE-1046 - Creation of Immutable Text Using String Concatenation
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/mail Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:55:28.873015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:59.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "unknown",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:18.615Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1046",
                    "description": "Creation of Immutable Text Using String Concatenation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:06.478Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42499"
              },
              {
                "name": "RHBZ#2467809",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42499.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:00:51.685Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:18.615Z",
                "value": "Made public."
              }
            ],
            "title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/mail",
              "product": "net/mail",
              "programRoutines": [
                {
                  "name": "addrParser.consumePhrase"
                },
                {
                  "name": "AddressParser.Parse"
                },
                {
                  "name": "AddressParser.ParseList"
                },
                {
                  "name": "Header.AddressList"
                },
                {
                  "name": "ParseAddress"
                },
                {
                  "name": "ParseAddressList"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.615Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78987"
            },
            {
              "url": "https://go.dev/cl/771520"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4977"
            }
          ],
          "title": "Quadratic string concatenation in consumePhrase in net/mail"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-42499",
        "datePublished": "2026-05-07T19:41:18.615Z",
        "dateReserved": "2026-04-28T00:21:12.791Z",
        "dateUpdated": "2026-07-02T12:05:06.478Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39836 (GCVE-0-2026-39836)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:30
    VLAI
    Title
    Panic in Dial and LookupPort when handling NUL byte on Windows in net
    Summary
    The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39836",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:36:25.079035Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:30:15.127Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net",
              "product": "net",
              "programRoutines": [
                {
                  "name": "Resolver.lookupPort"
                },
                {
                  "name": "Resolver.lookupAddr"
                },
                {
                  "name": "Resolver.lookupTXT"
                },
                {
                  "name": "Resolver.lookupNS"
                },
                {
                  "name": "Resolver.lookupMX"
                },
                {
                  "name": "Resolver.lookupSRV"
                },
                {
                  "name": "Dial"
                },
                {
                  "name": "DialTimeout"
                },
                {
                  "name": "Dialer.Dial"
                },
                {
                  "name": "Dialer.DialContext"
                },
                {
                  "name": "Listen"
                },
                {
                  "name": "ListenConfig.Listen"
                },
                {
                  "name": "ListenConfig.ListenPacket"
                },
                {
                  "name": "ListenPacket"
                },
                {
                  "name": "LookupAddr"
                },
                {
                  "name": "LookupCNAME"
                },
                {
                  "name": "LookupHost"
                },
                {
                  "name": "LookupIP"
                },
                {
                  "name": "LookupMX"
                },
                {
                  "name": "LookupNS"
                },
                {
                  "name": "LookupPort"
                },
                {
                  "name": "LookupSRV"
                },
                {
                  "name": "LookupTXT"
                },
                {
                  "name": "ResolveIPAddr"
                },
                {
                  "name": "ResolveTCPAddr"
                },
                {
                  "name": "ResolveUDPAddr"
                },
                {
                  "name": "Resolver.LookupAddr"
                },
                {
                  "name": "Resolver.LookupCNAME"
                },
                {
                  "name": "Resolver.LookupHost"
                },
                {
                  "name": "Resolver.LookupIP"
                },
                {
                  "name": "Resolver.LookupIPAddr"
                },
                {
                  "name": "Resolver.LookupMX"
                },
                {
                  "name": "Resolver.LookupNS"
                },
                {
                  "name": "Resolver.LookupNetIP"
                },
                {
                  "name": "Resolver.LookupPort"
                },
                {
                  "name": "Resolver.LookupSRV"
                },
                {
                  "name": "Resolver.LookupTXT"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-248: Uncaught Exception",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.300Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/79006"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://go.dev/cl/775320"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4971"
            }
          ],
          "title": "Panic in Dial and LookupPort when handling NUL byte on Windows in net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39836",
        "datePublished": "2026-05-07T19:41:18.300Z",
        "dateReserved": "2026-04-07T18:13:03.529Z",
        "dateUpdated": "2026-05-08T21:30:15.127Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39826 (GCVE-0-2026-39826)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 14:05
    VLAI
    Title
    Escaper bypass leads to XSS in html/template
    Summary
    If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library html/template Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Mundur (https://github.com/M0nd0R)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39826",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:04:40.842823Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:05:05.849Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "html/template",
              "product": "html/template",
              "programRoutines": [
                {
                  "name": "isJSType"
                },
                {
                  "name": "Template.Execute"
                },
                {
                  "name": "Template.ExecuteTemplate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mundur (https://github.com/M0nd0R)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.138Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78981"
            },
            {
              "url": "https://go.dev/cl/771180"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4980"
            }
          ],
          "title": "Escaper bypass leads to XSS in html/template"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39826",
        "datePublished": "2026-05-07T19:41:19.138Z",
        "dateReserved": "2026-04-07T18:13:03.528Z",
        "dateUpdated": "2026-05-08T14:05:05.849Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39825 (GCVE-0-2026-39825)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:30
    VLAI
    Title
    ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
    Summary
    ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http/httputil Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39825",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:46:43.329507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:30:08.872Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http/httputil",
              "product": "net/http/httputil",
              "programRoutines": [
                {
                  "name": "cleanQueryParams"
                },
                {
                  "name": "ReverseProxy.ServeHTTP"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.453Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/770541"
            },
            {
              "url": "https://go.dev/issue/78948"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4976"
            }
          ],
          "title": "ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39825",
        "datePublished": "2026-05-07T19:41:18.453Z",
        "dateReserved": "2026-04-07T18:13:03.527Z",
        "dateUpdated": "2026-05-08T21:30:08.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39823 (GCVE-0-2026-39823)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 14:05
    VLAI
    Title
    Bypass of meta content URL escaping causes XSS in html/template
    Summary
    CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute, the escaper would fail to similarly escape it, leading to XSS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library html/template Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Samy Ghannad
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:05:34.310805Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:05:55.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "html/template",
              "product": "html/template",
              "programRoutines": [
                {
                  "name": "tMetaContent"
                },
                {
                  "name": "Template.Execute"
                },
                {
                  "name": "Template.ExecuteTemplate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Samy Ghannad"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.524Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78913"
            },
            {
              "url": "https://go.dev/cl/769920"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4982"
            }
          ],
          "title": "Bypass of meta content URL escaping causes XSS in html/template"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39823",
        "datePublished": "2026-05-07T19:41:19.524Z",
        "dateReserved": "2026-04-07T18:13:03.527Z",
        "dateUpdated": "2026-05-08T14:05:55.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39820 (GCVE-0-2026-39820)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Quadratic string concatentation in consumeComment in net/mail
    Summary
    Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/mail Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Credits
    thatnealpatel
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39820",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:27:51.595266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:27:54.923Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "unknown",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:19.854Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:06.798Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-39820"
              },
              {
                "name": "RHBZ#2467820",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39820.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:27.800Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:19.854Z",
                "value": "Made public."
              }
            ],
            "title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/mail",
              "product": "net/mail",
              "programRoutines": [
                {
                  "name": "addrParser.consumeComment"
                },
                {
                  "name": "AddressParser.Parse"
                },
                {
                  "name": "AddressParser.ParseList"
                },
                {
                  "name": "Header.AddressList"
                },
                {
                  "name": "Header.Date"
                },
                {
                  "name": "ParseAddress"
                },
                {
                  "name": "ParseAddressList"
                },
                {
                  "name": "ParseDate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "thatnealpatel"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.854Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78566"
            },
            {
              "url": "https://go.dev/cl/759940"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4986"
            }
          ],
          "title": "Quadratic string concatentation in consumeComment in net/mail"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39820",
        "datePublished": "2026-05-07T19:41:19.854Z",
        "dateReserved": "2026-04-07T18:13:03.526Z",
        "dateUpdated": "2026-07-02T12:05:06.798Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39819 (GCVE-0-2026-39819)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:29
    VLAI
    Title
    Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
    Summary
    The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-377 - Insecure Temporary File
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Harshit Gupta (Mr HAX)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:56:43.015860Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:53.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harshit Gupta (Mr HAX)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-377: Insecure Temporary File",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.849Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78584"
            },
            {
              "url": "https://go.dev/cl/763882"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4978"
            }
          ],
          "title": "Invoking \"go bug\" follows symlinks in predictable temporary filenames in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39819",
        "datePublished": "2026-05-07T19:41:18.849Z",
        "dateReserved": "2026-04-07T18:13:03.526Z",
        "dateUpdated": "2026-05-08T21:29:53.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39817 (GCVE-0-2026-39817)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:29
    VLAI
    Title
    Invoking "go tool pack" does not sanitize output paths in cmd/go
    Summary
    The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Harshit Gupta (Mr HAX)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:58:23.255142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:47.246Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harshit Gupta (Mr HAX)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.993Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78778"
            },
            {
              "url": "https://go.dev/cl/767520"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4979"
            }
          ],
          "title": "Invoking \"go tool pack\" does not sanitize output paths in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39817",
        "datePublished": "2026-05-07T19:41:18.993Z",
        "dateReserved": "2026-04-07T18:13:03.524Z",
        "dateUpdated": "2026-05-08T21:29:47.246Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33814 (GCVE-0-2026-33814)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
    Summary
    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.53.0 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Cluster Observability Operator 1.5.0     cpe:/a:redhat:cluster_observability_operator:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Credits
    Marwan Atia (marwansamir688@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T18:00:53.951676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T18:01:02.989Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:cluster_observability_operator:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cluster Observability Operator 1.5.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:17.631Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:19.070Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33814"
              },
              {
                "name": "RHBZ#2467815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34342"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:11.324Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:17.631Z",
                "value": "Made public."
              }
            ],
            "title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.53.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "http1ClientConn.Close"
                },
                {
                  "name": "http1ClientConn.RoundTrip"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Marwan Atia (marwansamir688@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:17.631Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/761581"
            },
            {
              "url": "https://go.dev/cl/761640"
            },
            {
              "url": "https://go.dev/issue/78476"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4918"
            }
          ],
          "title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33814",
        "datePublished": "2026-05-07T19:41:17.631Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-02T12:05:19.070Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33811 (GCVE-0-2026-33811)

    Vulnerability from nvd – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:04
    VLAI
    Title
    Crash when handling long CNAME response in net
    Summary
    When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-415 - Double Free
    • CWE-1341 - Multiple Releases of Same Resource or Handle
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Compliance Operator     cpe:/a:redhat:openshift_compliance_operator:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat Deployment Validation Operator     cpe:/a:redhat:deployment_validator_operator
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat Fence Agents Remediation Operator     cpe:/a:redhat:workload_availability_far:0
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:6
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Machine Deletion Remediation Operator     cpe:/a:redhat:workload_availability_mdr:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat Node HealthCheck Operator     cpe:/a:redhat:workload_availability_nhc:0
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Source-to-Image (S2I)     cpe:/a:redhat:source_to_image:1
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Connectivity Link 1     cpe:/a:redhat:connectivity_link:1
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Red Hat Web Terminal     cpe:/a:redhat:webterminal:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Credits
    hamayanhamayan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33811",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:25:39.702568Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:25:43.896Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1"
                ],
                "defaultStatus": "affected",
                "product": "Builds for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_compliance_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Compliance Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:deployment_validator_operator"
                ],
                "defaultStatus": "affected",
                "product": "Deployment Validation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_far:0"
                ],
                "defaultStatus": "affected",
                "product": "Fence Agents Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "affected",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_mdr:0"
                ],
                "defaultStatus": "affected",
                "product": "Machine Deletion Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_nhc:0"
                ],
                "defaultStatus": "affected",
                "product": "Node HealthCheck Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:source_to_image:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Source-to-Image (S2I)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:connectivity_link:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Connectivity Link 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_service_on_aws:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift on AWS",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:stf:1.5"
                ],
                "defaultStatus": "affected",
                "product": "Service Telemetry Framework 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:19.285Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1341",
                    "description": "Multiple Releases of Same Resource or Handle",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:04:50.996Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33811"
              },
              {
                "name": "RHBZ#2467822",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33811.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34357"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34359"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34357: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34359: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:34.913Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:19.285Z",
                "value": "Made public."
              }
            ],
            "title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net",
              "product": "net",
              "programRoutines": [
                {
                  "name": "cgoResSearch"
                },
                {
                  "name": "LookupCNAME"
                },
                {
                  "name": "Resolver.LookupCNAME"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "hamayanhamayan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-415: Double Free",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.285Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78803"
            },
            {
              "url": "https://go.dev/cl/767860"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4981"
            }
          ],
          "title": "Crash when handling long CNAME response in net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33811",
        "datePublished": "2026-05-07T19:41:19.285Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-02T12:04:50.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33810 (GCVE-0-2026-33810)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-07-02 12:04
    VLAI
    Title
    Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509
    Summary
    When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    • CWE-1289 - Improper Validation of Unsafe Equivalence in Input
    Assigner
    Go
    References
    URL Tags
    https://go.dev/cl/763763
    https://go.dev/issue/78332
    https://groups.google.com/g/golang-announce/c/0uY…
    https://pkg.go.dev/vuln/GO-2026-4866
    http://www.openwall.com/lists/oss-security/2026/04/19/4
    http://www.openwall.com/lists/oss-security/2026/04/20/1
    https://access.redhat.com/security/cve/CVE-2026-33810 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2456335 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:14391 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28047 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19144 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19135 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19721 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19720 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19353 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25089 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26585 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22862 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22347 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21769 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23345 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29854 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26568 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26571 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13545 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:7291 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22485 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10155 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10158 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21772 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:9385 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24478 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22960 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22958 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22962 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22961 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Go standard library crypto/x509 Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Red Hat Cryostat 4 on RHEL 9     cpe:/a:redhat:cryostat:4::el9
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
        cpe:/a:redhat:openstack:17.1::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9     cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.0     cpe:/a:redhat:logging:6.0::el9
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.4.5     cpe:/a:redhat:multicluster_globalhub:1.4::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.5.4     cpe:/a:redhat:multicluster_globalhub:1.5::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.6.2     cpe:/a:redhat:multicluster_globalhub:1.6::el9
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection 1.4     cpe:/a:redhat:openshift_api_data_protection:1.4::el9
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection 1.5     cpe:/a:redhat:openshift_api_data_protection:1.5::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1     cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6     cpe:/a:redhat:ansible_automation_platform:2.6::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat Lightspeed (formerly Insights) for Runtimes 1     cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Builds 1.6.5     cpe:/a:redhat:openshift_builds:1.6::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Builds 1.7.3     cpe:/a:redhat:openshift_builds:1.7::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.9.3     cpe:/a:redhat:openshift_distributed_tracing:3.9::el9
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer 1.3     cpe:/a:redhat:trusted_artifact_signer:1.3::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11     cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12     cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.13     cpe:/a:redhat:webterminal:1.13::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.14     cpe:/a:redhat:webterminal:1.14::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.15     cpe:/a:redhat:webterminal:1.15::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Deployment Validation Operator     cpe:/a:redhat:deployment_validator_operator
    Create a notification for this product.
    Red Hat Fence Agents Remediation Operator     cpe:/a:redhat:workload_availability_far:0
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Node HealthCheck Operator     cpe:/a:redhat:workload_availability_nhc:0
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Connectivity Link 1     cpe:/a:redhat:connectivity_link:1
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat ExternalDNS Operator     cpe:/a:redhat:ext_dns_optr:1
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Machine Deletion Remediation Operator     cpe:/a:redhat:workload_availability_mdr:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Credits
    Riyas from Saintgits College of Engineering k1rnt @1seal
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33810",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:48:57.879958Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:20:37.411Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-04-20T17:23:21.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/19/4"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/20/1"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4 on RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1",
                  "cpe:/a:redhat:openstack:17.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.19::el9",
                  "cpe:/a:redhat:satellite_capsule:6.19::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                  "cpe:/a:redhat:satellite_utils:6.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.19 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.4.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.5.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.6.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection 1.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_compliance_operator:1::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Compliance Operator 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.6.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3.9.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer 1.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.11::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.11",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.12::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.13::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.15::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:deployment_validator_operator"
                ],
                "defaultStatus": "affected",
                "product": "Deployment Validation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_far:0"
                ],
                "defaultStatus": "affected",
                "product": "Fence Agents Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "affected",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:5"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_nhc:0"
                ],
                "defaultStatus": "affected",
                "product": "Node HealthCheck Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:connectivity_link:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Connectivity Link 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_service_on_aws:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift on AWS",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "unaffected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ext_dns_optr:1"
                ],
                "defaultStatus": "unaffected",
                "product": "ExternalDNS Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_mdr:0"
                ],
                "defaultStatus": "unaffected",
                "product": "Machine Deletion Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "unaffected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "unaffected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Developer Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:stf:1.5"
                ],
                "defaultStatus": "unaffected",
                "product": "Service Telemetry Framework 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "unaffected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T01:06:56.546Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1289",
                    "description": "Improper Validation of Unsafe Equivalence in Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:04:51.328Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33810"
              },
              {
                "name": "RHBZ#2456335",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33810.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14391"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28047"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34365"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19719"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19144"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19135"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19721"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19353"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26585"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22862"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22347"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21769"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23345"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29854"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26568"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26571"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13545"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7291"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22485"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10155"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10158"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:9385"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24478"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22960"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22958"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22962"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22959"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22961"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:14391: Cryostat 4 on RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26571: OpenShift Compliance Operator 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7291: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10155: Red Hat OpenShift Builds 1.6.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10158: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24478: Red Hat Trusted Artifact Signer 1.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22960: Red Hat Web Terminal 1.11"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22958: Red Hat Web Terminal 1.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22962: Red Hat Web Terminal 1.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22959: Red Hat Web Terminal 1.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22961: Red Hat Web Terminal 1.15"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-08T02:01:09.100Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T01:06:56.546Z",
                "value": "Made public."
              }
            ],
            "title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/x509",
              "product": "crypto/x509",
              "programRoutines": [
                {
                  "name": "newDNSConstraints"
                },
                {
                  "name": "dnsConstraints.query"
                },
                {
                  "name": "Certificate.Verify"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Riyas from Saintgits College of Engineering"
            },
            {
              "lang": "en",
              "value": "k1rnt"
            },
            {
              "lang": "en",
              "value": "@1seal"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-295: Improper Certificate Validation",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:56.546Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/763763"
            },
            {
              "url": "https://go.dev/issue/78332"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4866"
            }
          ],
          "title": "Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33810",
        "datePublished": "2026-04-08T01:06:56.546Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-02T12:04:51.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32289 (GCVE-0-2026-32289)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:20
    VLAI
    Title
    JsBraceDepth Context Tracking Bugs (XSS) in html/template
    Summary
    Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library html/template Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32289",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:48:22.714020Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:20:46.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "html/template",
              "product": "html/template",
              "programRoutines": [
                {
                  "name": "context.String"
                },
                {
                  "name": "context.mangle"
                },
                {
                  "name": "escaper.escapeBranch"
                },
                {
                  "name": "Error.Error"
                },
                {
                  "name": "HTMLEscaper"
                },
                {
                  "name": "JSEscape"
                },
                {
                  "name": "JSEscapeString"
                },
                {
                  "name": "JSEscaper"
                },
                {
                  "name": "ParseFS"
                },
                {
                  "name": "ParseFiles"
                },
                {
                  "name": "ParseGlob"
                },
                {
                  "name": "Template.AddParseTree"
                },
                {
                  "name": "Template.Clone"
                },
                {
                  "name": "Template.DefinedTemplates"
                },
                {
                  "name": "Template.Execute"
                },
                {
                  "name": "Template.ExecuteTemplate"
                },
                {
                  "name": "Template.Funcs"
                },
                {
                  "name": "Template.Parse"
                },
                {
                  "name": "Template.ParseFS"
                },
                {
                  "name": "Template.ParseFiles"
                },
                {
                  "name": "Template.ParseGlob"
                },
                {
                  "name": "URLQueryEscaper"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:56.297Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/763762"
            },
            {
              "url": "https://go.dev/issue/78331"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4865"
            }
          ],
          "title": "JsBraceDepth Context Tracking Bugs (XSS) in html/template"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32289",
        "datePublished": "2026-04-08T01:06:56.297Z",
        "dateReserved": "2026-03-11T16:38:46.557Z",
        "dateUpdated": "2026-04-13T18:20:46.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32288 (GCVE-0-2026-32288)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:20
    VLAI
    Title
    Unbounded allocation for old GNU sparse in archive/tar
    Summary
    tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library archive/tar Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Credits
    Colin Walters (walters@verbum.org) Uuganbayar Lkhamsuren (https://github.com/uug4na) Jakub Ciolek
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:51:05.649111Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:20:08.191Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "archive/tar",
              "product": "archive/tar",
              "programRoutines": [
                {
                  "name": "Reader.readOldGNUSparseMap"
                },
                {
                  "name": "readGNUSparseMap1x0"
                },
                {
                  "name": "Reader.Next"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Colin Walters (walters@verbum.org)"
            },
            {
              "lang": "en",
              "value": "Uuganbayar Lkhamsuren (https://github.com/uug4na)"
            },
            {
              "lang": "en",
              "value": "Jakub Ciolek"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:57.416Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/763766"
            },
            {
              "url": "https://go.dev/issue/78301"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4869"
            }
          ],
          "title": "Unbounded allocation for old GNU sparse in archive/tar"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32288",
        "datePublished": "2026-04-08T01:06:57.416Z",
        "dateReserved": "2026-03-11T16:38:46.557Z",
        "dateUpdated": "2026-04-13T18:20:08.191Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32283 (GCVE-0-2026-32283)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-07-02 12:04
    VLAI
    Title
    Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
    Summary
    If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-667 - Improper Locking
    • CWE-764 - Multiple Locks of a Critical Resource
    Assigner
    Go
    References
    URL Tags
    https://go.dev/cl/763767
    https://go.dev/issue/78334
    https://groups.google.com/g/golang-announce/c/0uY…
    https://pkg.go.dev/vuln/GO-2026-4870
    https://access.redhat.com/security/cve/CVE-2026-32283 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2456338 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:24762 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16101 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24761 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:27076 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14391 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28047 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20569 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23103 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19715 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19550 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:18032 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:18027 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:17084 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19750 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20570 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22713 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19714 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20571 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19450 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10217 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11712 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11881 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11863 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:17075 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29195 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23102 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19133 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19139 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19137 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19134 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19136 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22937 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19144 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19135 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22450 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24470 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19156 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19132 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29035 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19126 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:33722 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10704 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16875 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11507 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11514 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15980 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19634 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16102 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34192 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34196 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34197 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19721 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20608 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19722 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16021 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20556 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19839 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19720 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:17287 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20609 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14200 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11711 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11704 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29455 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29703 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19350 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19352 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19351 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23228 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19353 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22714 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26447 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19369 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28074 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26636 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22423 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22347 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21769 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23345 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26571 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:7385 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:7291 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22485 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14162 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Go standard library crypto/tls Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6 for RHEL 10     cpe:/a:redhat:ansible_automation_platform:2.6::el10
        cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8     cpe:/a:redhat:ansible_automation_platform:2.5::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9     cpe:/a:redhat:ansible_automation_platform:2.5::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
        cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6 for RHEL 9     cpe:/a:redhat:ansible_automation_platform:2.6::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9
        cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9
    Create a notification for this product.
    Red Hat Cryostat 4 on RHEL 9     cpe:/a:redhat:cryostat:4::el9
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
        cpe:/a:redhat:openstack:17.1::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9     cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.6)     cpe:/a:redhat:rhel_aus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.6)     cpe:/a:redhat:rhel_e4s:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.6)     cpe:/a:redhat:rhel_tus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.4)     cpe:/a:redhat:rhel_e4s:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler 2.19     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.3.4     cpe:/a:redhat:multicluster_globalhub:1.3::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.4.5     cpe:/a:redhat:multicluster_globalhub:1.4::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.5.4     cpe:/a:redhat:multicluster_globalhub:1.5::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.6.2     cpe:/a:redhat:multicluster_globalhub:1.6::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1     cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat Lightspeed (formerly Insights) for Runtimes 1     cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.9.3     cpe:/a:redhat:openshift_distributed_tracing:3.9::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Deployment Validation Operator     cpe:/a:redhat:deployment_validator_operator
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat ExternalDNS Operator     cpe:/a:redhat:ext_dns_optr:1
    Create a notification for this product.
    Red Hat Fence Agents Remediation Operator     cpe:/a:redhat:workload_availability_far:0
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Machine Deletion Remediation Operator     cpe:/a:redhat:workload_availability_mdr:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat Node HealthCheck Operator     cpe:/a:redhat:workload_availability_nhc:0
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel - HawtIO 4     cpe:/a:redhat:apache_camel_hawtio:4
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Connectivity Link 1     cpe:/a:redhat:connectivity_link:1
    Create a notification for this product.
    Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat JBoss Web Server 6     cpe:/a:redhat:jboss_enterprise_web_server:6
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Red Hat Web Terminal     cpe:/a:redhat:webterminal:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Credits
    Jakub Ciolek - https://ciolek.dev/
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:51:46.207289Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:19:55.848Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el10",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4 on RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1",
                  "cpe:/a:redhat:openstack:17.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.19::el9",
                  "cpe:/a:redhat:satellite_capsule:6.19::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                  "cpe:/a:redhat:satellite_utils:6.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.19 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler 2.19",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.3.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.4.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.5.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.6.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_compliance_operator:1::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Compliance Operator 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3.9.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1"
                ],
                "defaultStatus": "affected",
                "product": "Builds for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:deployment_validator_operator"
                ],
                "defaultStatus": "affected",
                "product": "Deployment Validation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ext_dns_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "ExternalDNS Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_far:0"
                ],
                "defaultStatus": "affected",
                "product": "Fence Agents Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "affected",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:5"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_mdr:0"
                ],
                "defaultStatus": "affected",
                "product": "Machine Deletion Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_nhc:0"
                ],
                "defaultStatus": "affected",
                "product": "Node HealthCheck Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel - HawtIO 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:connectivity_link:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Connectivity Link 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_web_server:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Web Server 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_service_on_aws:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift on AWS",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:stf:1.5"
                ],
                "defaultStatus": "affected",
                "product": "Service Telemetry Framework 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T01:06:57.670Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS)."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-764",
                    "description": "Multiple Locks of a Critical Resource",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:04:51.663Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32283"
              },
              {
                "name": "RHBZ#2456338",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32283.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24762"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16101"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24761"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:27076"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14391"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28047"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34365"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20569"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23103"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19715"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16024"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19550"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18032"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18027"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17084"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19719"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19750"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20570"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22713"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19714"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20571"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19450"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10217"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11712"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11881"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11863"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17075"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29195"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23102"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19133"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19139"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19137"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19134"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19136"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22937"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19144"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19135"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22450"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24470"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19156"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19132"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29035"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19126"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33722"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10704"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16875"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11507"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11514"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15980"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19634"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16102"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34192"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34196"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34197"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19721"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20607"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20608"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19722"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16021"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20556"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19839"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28038"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22709"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17287"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24337"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20609"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14200"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10219"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11711"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11704"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29455"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29703"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19350"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19352"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19351"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23228"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19353"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22714"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26447"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19369"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28074"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26636"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22423"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22347"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21769"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23345"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26571"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7385"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7291"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22485"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14162"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24762: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16101: Red Hat Enterprise Linux Server (v. 7 ELS)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14391: Cryostat 4 on RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23103: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19715: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16024: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19550: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18032: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18027: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20570: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22713: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19714: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20571: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19450: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10217: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11712: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11881: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11863: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17075: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23102: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19139: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19137: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19134: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19136: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24470: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19156: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19132: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19126: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10704: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11507: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11514: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15980: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16102: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34192: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34196: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34197: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20608: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19722: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16021: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20556: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19839: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28038: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22709: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24337: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14200: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10219: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11711: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11704: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19352: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19351: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26447: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19369: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28074: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22423: Multicluster Global Hub 1.3.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26571: OpenShift Compliance Operator 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7385: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7291: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14162: Red Hat OpenShift distributed tracing 3.9.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-08T02:01:16.213Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T01:06:57.670Z",
                "value": "Made public."
              }
            ],
            "title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/tls",
              "product": "crypto/tls",
              "programRoutines": [
                {
                  "name": "Conn.handleKeyUpdate"
                },
                {
                  "name": "clientHandshakeStateTLS13.establishHandshakeKeys"
                },
                {
                  "name": "clientHandshakeStateTLS13.readServerFinished"
                },
                {
                  "name": "serverHandshakeStateTLS13.sendServerParameters"
                },
                {
                  "name": "serverHandshakeStateTLS13.readClientFinished"
                },
                {
                  "name": "Conn.Handshake"
                },
                {
                  "name": "Conn.HandshakeContext"
                },
                {
                  "name": "Conn.Read"
                },
                {
                  "name": "Conn.Write"
                },
                {
                  "name": "Dial"
                },
                {
                  "name": "DialWithDialer"
                },
                {
                  "name": "Dialer.Dial"
                },
                {
                  "name": "Dialer.DialContext"
                },
                {
                  "name": "QUICConn.HandleData"
                },
                {
                  "name": "QUICConn.Start"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jakub Ciolek - https://ciolek.dev/"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-667: Improper Locking",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:57.670Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/763767"
            },
            {
              "url": "https://go.dev/issue/78334"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4870"
            }
          ],
          "title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32283",
        "datePublished": "2026-04-08T01:06:57.670Z",
        "dateReserved": "2026-03-11T16:38:46.556Z",
        "dateUpdated": "2026-07-02T12:04:51.663Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32282 (GCVE-0-2026-32282)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:20
    VLAI
    Title
    TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix
    Summary
    On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-61 - UNIX Symbolic Link (Symlink) Following
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library internal/syscall/unix Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Credits
    Uuganbayar Lkhamsuren (https://github.com/uug4na)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:47:42.666766Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:20:56.456Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "internal/syscall/unix",
              "platforms": [
                "linux"
              ],
              "product": "internal/syscall/unix",
              "programRoutines": [
                {
                  "name": "Fchmodat"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Uuganbayar Lkhamsuren (https://github.com/uug4na)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:55.953Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/763761"
            },
            {
              "url": "https://go.dev/issue/78293"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4864"
            }
          ],
          "title": "TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32282",
        "datePublished": "2026-04-08T01:06:55.953Z",
        "dateReserved": "2026-03-11T16:38:46.556Z",
        "dateUpdated": "2026-04-13T18:20:56.456Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32281 (GCVE-0-2026-32281)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:19
    VLAI
    Title
    Inefficient policy validation in crypto/x509
    Summary
    Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library crypto/x509 Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Credits
    Jakub Ciolek - https://ciolek.dev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32281",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-13T17:52:37.734298Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-13T18:19:44.779Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/x509",
              "product": "crypto/x509",
              "programRoutines": [
                {
                  "name": "policiesValid"
                },
                {
                  "name": "Certificate.Verify"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jakub Ciolek - https://ciolek.dev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:58.354Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/758061"
            },
            {
              "url": "https://go.dev/issue/78281"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4946"
            }
          ],
          "title": "Inefficient policy validation in crypto/x509"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32281",
        "datePublished": "2026-04-08T01:06:58.354Z",
        "dateReserved": "2026-03-11T16:38:46.556Z",
        "dateUpdated": "2026-04-13T18:19:44.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32280 (GCVE-0-2026-32280)

    Vulnerability from nvd – Published: 2026-04-08 01:06 – Updated: 2026-07-02 12:04
    VLAI
    Title
    Unexpected work during chain building in crypto/x509
    Summary
    During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Go
    References
    URL Tags
    https://go.dev/cl/758320
    https://go.dev/issue/78282
    https://groups.google.com/g/golang-announce/c/0uY…
    https://pkg.go.dev/vuln/GO-2026-4947
    https://access.redhat.com/security/cve/CVE-2026-32280 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2456339 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:24762 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16101 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24761 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28886 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21655 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25180 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:27076 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14391 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28047 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23244 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20569 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23103 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19715 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16024 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19550 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:18032 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:18027 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:17084 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19719 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19750 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20570 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22713 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19714 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20571 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19450 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10217 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29195 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23102 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19133 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22141 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19144 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19135 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24470 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22130 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29035 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24716 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:33722 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10704 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16875 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11507 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11514 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15980 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19634 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34192 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34196 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:34197 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19721 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20608 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19722 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16021 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20556 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19839 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19720 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22709 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:17287 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24337 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20609 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14200 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10219 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29455 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29703 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19350 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19353 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26447 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22309 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29702 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28074 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26636 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25089 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26585 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22862 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22347 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21769 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23345 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16874 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29854 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26568 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:26571 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25127 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13829 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:20889 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13791 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13545 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21338 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13826 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22485 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24977 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24359 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21772 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11688 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16476 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16477 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16534 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16505 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16532 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16508 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16535 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16537 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16542 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14162 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:9385 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14020 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22465 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24478 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22960 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22958 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22962 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22961 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28441 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22422 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22268 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22415 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28198 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28196 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22260 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Go standard library crypto/x509 Affected: 0 , < 1.25.9 (semver)
    Affected: 1.26.0-0 , < 1.26.2 (semver)
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6 for RHEL 10     cpe:/a:redhat:ansible_automation_platform:2.6::el10
        cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8     cpe:/a:redhat:ansible_automation_platform:2.5::el8
        cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
        cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.14     cpe:/a:redhat:openshift:4.14::el8
        cpe:/a:redhat:openshift:4.14::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.18     cpe:/a:redhat:openshift:4.18::el8
        cpe:/a:redhat:openshift:4.18::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 8     cpe:/a:redhat:satellite:6.16::el8
        cpe:/a:redhat:satellite_capsule:6.16::el8
        cpe:/a:redhat:satellite_maintenance:6.16::el8
        cpe:/a:redhat:satellite_utils:6.16::el8
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9     cpe:/a:redhat:ansible_automation_platform:2.5::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
        cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6 for RHEL 9     cpe:/a:redhat:ansible_automation_platform:2.6::el9
        cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9
        cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9
    Create a notification for this product.
    Red Hat Cryostat 4 on RHEL 9     cpe:/a:redhat:cryostat:4::el9
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
        cpe:/a:redhat:openstack:17.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.19     cpe:/a:redhat:openshift:4.19::el8
        cpe:/a:redhat:openshift:4.19::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.16 for RHEL 9     cpe:/a:redhat:satellite:6.16::el9
        cpe:/a:redhat:satellite_capsule:6.16::el9
        cpe:/a:redhat:satellite_maintenance:6.16::el9
        cpe:/a:redhat:satellite_utils:6.16::el9
    Create a notification for this product.
    Red Hat Red Hat Satellite 6.19 for RHEL 9     cpe:/a:redhat:satellite:6.19::el9
        cpe:/a:redhat:satellite_capsule:6.19::el9
        cpe:/a:redhat:satellite_maintenance:6.19::el9
        cpe:/a:redhat:satellite_utils:6.19::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.6)     cpe:/a:redhat:rhel_aus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.6)     cpe:/a:redhat:rhel_e4s:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.6)     cpe:/a:redhat:rhel_tus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.4)     cpe:/a:redhat:rhel_e4s:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler 2.19     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9
    Create a notification for this product.
    Red Hat HawtIO HawtIO 4.4.0     cpe:/a:redhat:apache_camel_hawtio:4.4::el9
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.0     cpe:/a:redhat:logging:6.0::el9
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.4.5     cpe:/a:redhat:multicluster_globalhub:1.4::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.5.4     cpe:/a:redhat:multicluster_globalhub:1.5::el9
    Create a notification for this product.
    Red Hat Multicluster Global Hub 1.6.2     cpe:/a:redhat:multicluster_globalhub:1.6::el9
    Create a notification for this product.
    Red Hat Network Observability (NETOBSERV) 1.11.2     cpe:/a:redhat:network_observ_optr:1.11::el9
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection 1.4     cpe:/a:redhat:openshift_api_data_protection:1.4::el9
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection 1.5     cpe:/a:redhat:openshift_api_data_protection:1.5::el9
    Create a notification for this product.
    Red Hat OpenShift Compliance Operator 1     cpe:/a:redhat:openshift_compliance_operator:1::el9
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2.14     cpe:/a:redhat:acm:2.14::el9
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security for Kubernetes 4.10     cpe:/a:redhat:advanced_cluster_security:4.10::el8
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security for Kubernetes 4.9     cpe:/a:redhat:advanced_cluster_security:4.9::el8
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2.6     cpe:/a:redhat:ansible_automation_platform:2.6::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.8     cpe:/a:redhat:rhdh:1.8::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat Lightspeed (formerly Insights) for Runtimes 1     cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI 2.25     cpe:/a:redhat:openshift_ai:2.25::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Builds 1.7.3     cpe:/a:redhat:openshift_builds:1.7::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 2.6     cpe:/a:redhat:service_mesh:2.6::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3.9.3     cpe:/a:redhat:openshift_distributed_tracing:3.9::el9
    Create a notification for this product.
    Red Hat Red Hat OpenStack 1.5     cpe:/a:redhat:stf:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14     cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17     cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer 1.3     cpe:/a:redhat:trusted_artifact_signer:1.3::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.11     cpe:/a:redhat:webterminal:1.11::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.12     cpe:/a:redhat:webterminal:1.12::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.13     cpe:/a:redhat:webterminal:1.13::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.14     cpe:/a:redhat:webterminal:1.14::el9
    Create a notification for this product.
    Red Hat Red Hat Web Terminal 1.15     cpe:/a:redhat:webterminal:1.15::el9
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2.0     cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Red Hat multicluster engine for Kubernetes 2.10     cpe:/a:redhat:multicluster_engine:2.10::el9
    Create a notification for this product.
    Red Hat multicluster engine for Kubernetes 2.11     cpe:/a:redhat:multicluster_engine:2.11::el9
    Create a notification for this product.
    Red Hat multicluster engine for Kubernetes 2.17     cpe:/a:redhat:multicluster_engine:2.17::el9
    Create a notification for this product.
    Red Hat multicluster engine for Kubernetes 2.6     cpe:/a:redhat:multicluster_engine:2.6::el8
    Create a notification for this product.
    Red Hat multicluster engine for Kubernetes 2.8     cpe:/a:redhat:multicluster_engine:2.8::el8
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Deployment Validation Operator     cpe:/a:redhat:deployment_validator_operator
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat ExternalDNS Operator     cpe:/a:redhat:ext_dns_optr:1
    Create a notification for this product.
    Red Hat Fence Agents Remediation Operator     cpe:/a:redhat:workload_availability_far:0
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Connectivity Link 1     cpe:/a:redhat:connectivity_link:1
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Machine Deletion Remediation Operator     cpe:/a:redhat:workload_availability_mdr:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Node HealthCheck Operator     cpe:/a:redhat:workload_availability_nhc:0
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Jakub Ciolek - https://ciolek.dev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T17:46:14.569488Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T17:46:47.347Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el10",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.14::el8",
                  "cpe:/a:redhat:openshift:4.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.18::el8",
                  "cpe:/a:redhat:openshift:4.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.18",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el8",
                  "cpe:/a:redhat:satellite_capsule:6.16::el8",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el8",
                  "cpe:/a:redhat:satellite_utils:6.16::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el9",
                  "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
                  "cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4 on RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1",
                  "cpe:/a:redhat:openstack:17.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.19::el8",
                  "cpe:/a:redhat:openshift:4.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.19",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.16::el9",
                  "cpe:/a:redhat:satellite_capsule:6.16::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.16::el9",
                  "cpe:/a:redhat:satellite_utils:6.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.16 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6.19::el9",
                  "cpe:/a:redhat:satellite_capsule:6.19::el9",
                  "cpe:/a:redhat:satellite_maintenance:6.19::el9",
                  "cpe:/a:redhat:satellite_utils:6.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6.19 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler 2.19",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "HawtIO HawtIO 4.4.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.4.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.5.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub:1.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub 1.6.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1.11::el9"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability (NETOBSERV) 1.11.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection 1.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_compliance_operator:1::el9"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Compliance Operator 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2.6::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2.6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.8::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai:2.25::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI 2.25",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1.7::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Builds 1.7.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2.6::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 2.6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3.9.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:stf:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.14::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.15::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer 1.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.11::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.11",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.12::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.13::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1.15::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal 1.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2.0::el8"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine:2.10::el9"
                ],
                "defaultStatus": "affected",
                "product": "multicluster engine for Kubernetes 2.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine:2.11::el9"
                ],
                "defaultStatus": "affected",
                "product": "multicluster engine for Kubernetes 2.11",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine:2.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "multicluster engine for Kubernetes 2.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine:2.6::el8"
                ],
                "defaultStatus": "affected",
                "product": "multicluster engine for Kubernetes 2.6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine:2.8::el8"
                ],
                "defaultStatus": "affected",
                "product": "multicluster engine for Kubernetes 2.8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:deployment_validator_operator"
                ],
                "defaultStatus": "affected",
                "product": "Deployment Validation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ext_dns_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "ExternalDNS Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_far:0"
                ],
                "defaultStatus": "affected",
                "product": "Fence Agents Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "affected",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:5"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:connectivity_link:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Connectivity Link 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_service_on_aws:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift on AWS",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_mdr:0"
                ],
                "defaultStatus": "unaffected",
                "product": "Machine Deletion Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_nhc:0"
                ],
                "defaultStatus": "unaffected",
                "product": "Node HealthCheck Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "unaffected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T01:06:58.595Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:04:52.041Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
              },
              {
                "name": "RHBZ#2456339",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24762"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16101"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24761"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28886"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21655"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25180"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:27076"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14391"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28047"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23244"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34365"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20569"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23103"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19715"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16024"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19550"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18032"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18027"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17084"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19719"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19750"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20570"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22713"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19714"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20571"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19450"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10217"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29195"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23102"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19133"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22141"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19144"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19135"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24470"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22130"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29035"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24716"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33722"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10704"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16875"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11507"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11514"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15980"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19634"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34192"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34196"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34197"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19721"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20607"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20608"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19722"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16021"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20556"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19839"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28038"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22709"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17287"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24337"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20609"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14200"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:10219"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29455"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29703"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19350"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19353"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26447"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22309"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29702"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28074"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26636"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25089"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26585"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22862"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22347"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21769"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23345"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16874"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29854"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26568"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:26571"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25127"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13829"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20889"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13791"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13545"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21338"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13826"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22485"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24977"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24359"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11688"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16476"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16477"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16534"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16505"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16532"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16508"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16535"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16537"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16542"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14162"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:9385"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14020"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22840"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21017"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24853"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19375"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22465"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23361"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24478"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22960"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22958"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22962"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22959"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22961"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28441"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22422"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22268"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22415"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28198"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28196"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22258"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22260"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24762: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16101: Red Hat Enterprise Linux Server (v. 7 ELS)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14391: Cryostat 4 on RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23244: Red Hat OpenShift Container Platform 4.19"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23103: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19715: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16024: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19550: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18032: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18027: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20570: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22713: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19714: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20571: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19450: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10217: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23102: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22141: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24470: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22130: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24716: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10704: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11507: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11514: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15980: Red Hat Enterprise Linux AppStream (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34192: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34196: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34197: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20608: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19722: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16021: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20556: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19839: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28038: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22709: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24337: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14200: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:10219: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26447: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22309: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28074: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:26571: OpenShift Compliance Operator 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21338: Red Hat Developer Hub 1.8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13826: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24359: Red Hat OpenShift Builds 1.7.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16476: Red Hat OpenShift Service Mesh 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16477: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16534: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16505: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16532: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16508: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16535: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16537: Red Hat OpenShift Service Mesh 3.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16542: Red Hat OpenShift Service Mesh 3.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14162: Red Hat OpenShift distributed tracing 3.9.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14020: Red Hat OpenStack 1.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22840: Red Hat Quay 3.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21017: Red Hat Quay 3.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24853: Red Hat Quay 3.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19375: Red Hat Quay 3.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22465: Red Hat Quay 3.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23361: Red Hat Quay 3.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24478: Red Hat Trusted Artifact Signer 1.3"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22960: Red Hat Web Terminal 1.11"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22958: Red Hat Web Terminal 1.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22962: Red Hat Web Terminal 1.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22959: Red Hat Web Terminal 1.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22961: Red Hat Web Terminal 1.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22422: multicluster engine for Kubernetes 2.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22268: multicluster engine for Kubernetes 2.11"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22415: multicluster engine for Kubernetes 2.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28198: multicluster engine for Kubernetes 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28196: multicluster engine for Kubernetes 2.6"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22258: multicluster engine for Kubernetes 2.8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22260: multicluster engine for Kubernetes 2.8"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-08T02:01:19.572Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T01:06:58.595Z",
                "value": "Made public."
              }
            ],
            "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/x509",
              "product": "crypto/x509",
              "programRoutines": [
                {
                  "name": "Certificate.buildChains"
                },
                {
                  "name": "Certificate.Verify"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jakub Ciolek - https://ciolek.dev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T01:06:58.595Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/758320"
            },
            {
              "url": "https://go.dev/issue/78282"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4947"
            }
          ],
          "title": "Unexpected work during chain building in crypto/x509"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-32280",
        "datePublished": "2026-04-08T01:06:58.595Z",
        "dateReserved": "2026-03-11T16:38:46.555Z",
        "dateUpdated": "2026-07-02T12:04:52.041Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39820 (GCVE-0-2026-39820)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Quadratic string concatentation in consumeComment in net/mail
    Summary
    Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/mail Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Credits
    thatnealpatel
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39820",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:27:51.595266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:27:54.923Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "unknown",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:19.854Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:06.798Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-39820"
              },
              {
                "name": "RHBZ#2467820",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39820.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:27.800Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:19.854Z",
                "value": "Made public."
              }
            ],
            "title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/mail",
              "product": "net/mail",
              "programRoutines": [
                {
                  "name": "addrParser.consumeComment"
                },
                {
                  "name": "AddressParser.Parse"
                },
                {
                  "name": "AddressParser.ParseList"
                },
                {
                  "name": "Header.AddressList"
                },
                {
                  "name": "Header.Date"
                },
                {
                  "name": "ParseAddress"
                },
                {
                  "name": "ParseAddressList"
                },
                {
                  "name": "ParseDate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "thatnealpatel"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.854Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78566"
            },
            {
              "url": "https://go.dev/cl/759940"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4986"
            }
          ],
          "title": "Quadratic string concatentation in consumeComment in net/mail"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39820",
        "datePublished": "2026-05-07T19:41:19.854Z",
        "dateReserved": "2026-04-07T18:13:03.526Z",
        "dateUpdated": "2026-07-02T12:05:06.798Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42501 (GCVE-0-2026-42501)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 15:48
    VLAI
    Title
    Malicious module proxy can bypass checksum database in cmd/go
    Summary
    A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module's dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running "rm go.sum ; go mod tidy ; go mod verify", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Mundur (https://github.com/M0nd0R)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42501",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T15:48:05.053316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "CWE-347 Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T15:48:47.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mundur (https://github.com/M0nd0R)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.691Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/775321"
            },
            {
              "url": "https://go.dev/issue/79070"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4984"
            }
          ],
          "title": "Malicious module proxy can bypass checksum database in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-42501",
        "datePublished": "2026-05-07T19:41:19.691Z",
        "dateReserved": "2026-04-28T00:21:12.791Z",
        "dateUpdated": "2026-05-08T15:48:47.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39823 (GCVE-0-2026-39823)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 14:05
    VLAI
    Title
    Bypass of meta content URL escaping causes XSS in html/template
    Summary
    CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute, the escaper would fail to similarly escape it, leading to XSS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library html/template Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Samy Ghannad
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:05:34.310805Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:05:55.152Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "html/template",
              "product": "html/template",
              "programRoutines": [
                {
                  "name": "tMetaContent"
                },
                {
                  "name": "Template.Execute"
                },
                {
                  "name": "Template.ExecuteTemplate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Samy Ghannad"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.524Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78913"
            },
            {
              "url": "https://go.dev/cl/769920"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4982"
            }
          ],
          "title": "Bypass of meta content URL escaping causes XSS in html/template"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39823",
        "datePublished": "2026-05-07T19:41:19.524Z",
        "dateReserved": "2026-04-07T18:13:03.527Z",
        "dateUpdated": "2026-05-08T14:05:55.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33811 (GCVE-0-2026-33811)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:04
    VLAI
    Title
    Crash when handling long CNAME response in net
    Summary
    When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-415 - Double Free
    • CWE-1341 - Multiple Releases of Same Resource or Handle
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Compliance Operator     cpe:/a:redhat:openshift_compliance_operator:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat Deployment Validation Operator     cpe:/a:redhat:deployment_validator_operator
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat Fence Agents Remediation Operator     cpe:/a:redhat:workload_availability_far:0
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:6
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Machine Deletion Remediation Operator     cpe:/a:redhat:workload_availability_mdr:0
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat Node HealthCheck Operator     cpe:/a:redhat:workload_availability_nhc:0
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Source-to-Image (S2I)     cpe:/a:redhat:source_to_image:1
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Connectivity Link 1     cpe:/a:redhat:connectivity_link:1
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Red Hat Web Terminal     cpe:/a:redhat:webterminal:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Credits
    hamayanhamayan
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33811",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:25:39.702568Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:25:43.896Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_builds:1"
                ],
                "defaultStatus": "affected",
                "product": "Builds for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_compliance_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Compliance Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:deployment_validator_operator"
                ],
                "defaultStatus": "affected",
                "product": "Deployment Validation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_far:0"
                ],
                "defaultStatus": "affected",
                "product": "Fence Agents Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "affected",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_mdr:0"
                ],
                "defaultStatus": "affected",
                "product": "Machine Deletion Remediation Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "affected",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:workload_availability_nhc:0"
                ],
                "defaultStatus": "affected",
                "product": "Node HealthCheck Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:source_to_image:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Source-to-Image (S2I)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:connectivity_link:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Connectivity Link 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_service_on_aws:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift on AWS",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:webterminal:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Web Terminal",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:stf:1.5"
                ],
                "defaultStatus": "affected",
                "product": "Service Telemetry Framework 1.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_3scale_amp:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat 3scale API Management Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:19.285Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1341",
                    "description": "Multiple Releases of Same Resource or Handle",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:04:50.996Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33811"
              },
              {
                "name": "RHBZ#2467822",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33811.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34357"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34359"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34357: Red Hat Enterprise Linux AppStream (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34359: Red Hat Enterprise Linux AppStream (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:34.913Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:19.285Z",
                "value": "Made public."
              }
            ],
            "title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net",
              "product": "net",
              "programRoutines": [
                {
                  "name": "cgoResSearch"
                },
                {
                  "name": "LookupCNAME"
                },
                {
                  "name": "Resolver.LookupCNAME"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "hamayanhamayan"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-415: Double Free",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.285Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78803"
            },
            {
              "url": "https://go.dev/cl/767860"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4981"
            }
          ],
          "title": "Crash when handling long CNAME response in net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33811",
        "datePublished": "2026-05-07T19:41:19.285Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-02T12:04:50.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39826 (GCVE-0-2026-39826)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 14:05
    VLAI
    Title
    Escaper bypass leads to XSS in html/template
    Summary
    If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library html/template Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Mundur (https://github.com/M0nd0R)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.1,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39826",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T14:04:40.842823Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T14:05:05.849Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "html/template",
              "product": "html/template",
              "programRoutines": [
                {
                  "name": "isJSType"
                },
                {
                  "name": "Template.Execute"
                },
                {
                  "name": "Template.ExecuteTemplate"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Mundur (https://github.com/M0nd0R)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:19.138Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78981"
            },
            {
              "url": "https://go.dev/cl/771180"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4980"
            }
          ],
          "title": "Escaper bypass leads to XSS in html/template"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39826",
        "datePublished": "2026-05-07T19:41:19.138Z",
        "dateReserved": "2026-04-07T18:13:03.528Z",
        "dateUpdated": "2026-05-08T14:05:05.849Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39817 (GCVE-0-2026-39817)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:29
    VLAI
    Title
    Invoking "go tool pack" does not sanitize output paths in cmd/go
    Summary
    The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Harshit Gupta (Mr HAX)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.9,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:58:23.255142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:47.246Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harshit Gupta (Mr HAX)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.993Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78778"
            },
            {
              "url": "https://go.dev/cl/767520"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4979"
            }
          ],
          "title": "Invoking \"go tool pack\" does not sanitize output paths in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39817",
        "datePublished": "2026-05-07T19:41:18.993Z",
        "dateReserved": "2026-04-07T18:13:03.524Z",
        "dateUpdated": "2026-05-08T21:29:47.246Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39819 (GCVE-0-2026-39819)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:29
    VLAI
    Title
    Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
    Summary
    The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-377 - Insecure Temporary File
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go toolchain cmd/go Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Credits
    Harshit Gupta (Mr HAX)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:56:43.015860Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:53.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "cmd/go",
              "product": "cmd/go",
              "vendor": "Go toolchain",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Harshit Gupta (Mr HAX)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-377: Insecure Temporary File",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.849Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78584"
            },
            {
              "url": "https://go.dev/cl/763882"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4978"
            }
          ],
          "title": "Invoking \"go bug\" follows symlinks in predictable temporary filenames in cmd/go"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39819",
        "datePublished": "2026-05-07T19:41:18.849Z",
        "dateReserved": "2026-04-07T18:13:03.526Z",
        "dateUpdated": "2026-05-08T21:29:53.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-42499 (GCVE-0-2026-42499)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Quadratic string concatenation in consumePhrase in net/mail
    Summary
    Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    • CWE-1046 - Creation of Immutable Text Using String Concatenation
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/mail Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Logging Subsystem for Red Hat OpenShift 6.4     cpe:/a:redhat:logging:6.4::el9
    Create a notification for this product.
    Red Hat Red Hat Developer Hub 1.9     cpe:/a:redhat:rhdh:1.9::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
    Create a notification for this product.
    Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
    Create a notification for this product.
    Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
    Create a notification for this product.
    Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
    Create a notification for this product.
    Red Hat File Integrity Operator     cpe:/a:redhat:openshift_file_integrity_operator:1
    Create a notification for this product.
    Red Hat Logical Volume Manager Storage     cpe:/a:redhat:lvms:4
    Create a notification for this product.
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Containers     cpe:/a:redhat:rhmt:1
    Create a notification for this product.
    Red Hat Multiarch Tuning Operator     cpe:/a:redhat:multiarch_tuning_operator
    Create a notification for this product.
    Red Hat Network Observability Operator     cpe:/a:redhat:network_observ_optr:1
    Create a notification for this product.
    Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
    Create a notification for this product.
    Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
    Create a notification for this product.
    Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Power monitoring for Red Hat OpenShift     cpe:/a:redhat:openshift_power_monitoring
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
    Create a notification for this product.
    Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
    Create a notification for this product.
    Red Hat Red Hat Certification Program for Red Hat Enterprise Linux 9     cpe:/a:redhat:certifications:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Cluster Manager CLI     cpe:/a:redhat:openshift_cluster_manager_cli:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
    Create a notification for this product.
    Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
    Create a notification for this product.
    Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
    Create a notification for this product.
    Red Hat Red Hat Service Interconnect 2     cpe:/a:redhat:service_interconnect:2
    Create a notification for this product.
    Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
    Create a notification for this product.
    Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
    Create a notification for this product.
    Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
    Create a notification for this product.
    Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
    Create a notification for this product.
    Red Hat Gatekeeper 3     cpe:/a:redhat:gatekeeper:3
    Create a notification for this product.
    Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
    Create a notification for this product.
    Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Edge Manager 1     cpe:/a:redhat:edge_manager:1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat Lightspeed for Runtimes Operator     cpe:/a:redhat:lightspeed_for_runtimes:1
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-42499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:55:28.873015Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:29:59.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:logging:6.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Logging Subsystem for Red Hat OpenShift 6.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhdh:1.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Developer Hub 1.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:assisted_installer:2"
                ],
                "defaultStatus": "affected",
                "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cert_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "cert-manager Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:confidential_compute_attestation:1"
                ],
                "defaultStatus": "affected",
                "product": "Confidential Compute Attestation",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "affected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
                ],
                "defaultStatus": "affected",
                "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:external_secrets_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "External Secrets Operator for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_file_integrity_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "File Integrity Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lvms:4"
                ],
                "defaultStatus": "affected",
                "product": "Logical Volume Manager Storage",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:migration_toolkit_applications:8"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Applications 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhmt:1"
                ],
                "defaultStatus": "affected",
                "product": "Migration Toolkit for Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multiarch_tuning_operator"
                ],
                "defaultStatus": "affected",
                "product": "Multiarch Tuning Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:network_observ_optr:1"
                ],
                "defaultStatus": "affected",
                "product": "Network Observability Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_api_data_protection:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift API for Data Protection",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_lightspeed"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Lightspeed",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_pipelines:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Pipelines",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:serverless:1"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Serverless",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Service Mesh 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_power_monitoring"
                ],
                "defaultStatus": "affected",
                "product": "Power monitoring for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:advanced_cluster_security:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Advanced Cluster Security 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:5"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ceph_storage:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ceph Storage 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:certifications:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_cluster_manager_cli:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Cluster Manager CLI",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_data_foundation:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Openshift Data Foundation 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:devworkspace"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Workspaces Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_distributed_tracing:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift distributed tracing 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:windows_machine_config"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift for Windows Containers",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_gitops:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift GitOps",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:18.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenStack Platform 18.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_interconnect:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Service Interconnect 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_security_profiles_operator:1"
                ],
                "defaultStatus": "affected",
                "product": "Security Profiles Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
                ],
                "defaultStatus": "affected",
                "product": "Zero Trust Workload Identity Manager - Tech Preview",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:16.2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 16.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openstack:17.1"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenStack Platform 17.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:gatekeeper:3"
                ],
                "defaultStatus": "unknown",
                "product": "Gatekeeper 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_engine"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Engine for Kubernetes",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:multicluster_globalhub"
                ],
                "defaultStatus": "unknown",
                "product": "Multicluster Global Hub",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:acm:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:edge_manager:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Edge Manager 1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:lightspeed_for_runtimes:1"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Lightspeed for Runtimes Operator",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unknown",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:18.615Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1046",
                    "description": "Creation of Immutable Text Using String Concatenation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:06.478Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-42499"
              },
              {
                "name": "RHBZ#2467809",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42499.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33574"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:00:51.685Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:18.615Z",
                "value": "Made public."
              }
            ],
            "title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/mail",
              "product": "net/mail",
              "programRoutines": [
                {
                  "name": "addrParser.consumePhrase"
                },
                {
                  "name": "AddressParser.Parse"
                },
                {
                  "name": "AddressParser.ParseList"
                },
                {
                  "name": "Header.AddressList"
                },
                {
                  "name": "ParseAddress"
                },
                {
                  "name": "ParseAddressList"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.615Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/78987"
            },
            {
              "url": "https://go.dev/cl/771520"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4977"
            }
          ],
          "title": "Quadratic string concatenation in consumePhrase in net/mail"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-42499",
        "datePublished": "2026-05-07T19:41:18.615Z",
        "dateReserved": "2026-04-28T00:21:12.791Z",
        "dateUpdated": "2026-07-02T12:05:06.478Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39825 (GCVE-0-2026-39825)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:30
    VLAI
    Title
    ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
    Summary
    ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net/http/httputil Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39825",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:46:43.329507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:30:08.872Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http/httputil",
              "product": "net/http/httputil",
              "programRoutines": [
                {
                  "name": "cleanQueryParams"
                },
                {
                  "name": "ReverseProxy.ServeHTTP"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.453Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/770541"
            },
            {
              "url": "https://go.dev/issue/78948"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4976"
            }
          ],
          "title": "ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39825",
        "datePublished": "2026-05-07T19:41:18.453Z",
        "dateReserved": "2026-04-07T18:13:03.527Z",
        "dateUpdated": "2026-05-08T21:30:08.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-39836 (GCVE-0-2026-39836)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-05-08 21:30
    VLAI
    Title
    Panic in Dial and LookupPort when handling NUL byte on Windows in net
    Summary
    The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library net Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-39836",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:36:25.079035Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T21:30:15.127Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net",
              "product": "net",
              "programRoutines": [
                {
                  "name": "Resolver.lookupPort"
                },
                {
                  "name": "Resolver.lookupAddr"
                },
                {
                  "name": "Resolver.lookupTXT"
                },
                {
                  "name": "Resolver.lookupNS"
                },
                {
                  "name": "Resolver.lookupMX"
                },
                {
                  "name": "Resolver.lookupSRV"
                },
                {
                  "name": "Dial"
                },
                {
                  "name": "DialTimeout"
                },
                {
                  "name": "Dialer.Dial"
                },
                {
                  "name": "Dialer.DialContext"
                },
                {
                  "name": "Listen"
                },
                {
                  "name": "ListenConfig.Listen"
                },
                {
                  "name": "ListenConfig.ListenPacket"
                },
                {
                  "name": "ListenPacket"
                },
                {
                  "name": "LookupAddr"
                },
                {
                  "name": "LookupCNAME"
                },
                {
                  "name": "LookupHost"
                },
                {
                  "name": "LookupIP"
                },
                {
                  "name": "LookupMX"
                },
                {
                  "name": "LookupNS"
                },
                {
                  "name": "LookupPort"
                },
                {
                  "name": "LookupSRV"
                },
                {
                  "name": "LookupTXT"
                },
                {
                  "name": "ResolveIPAddr"
                },
                {
                  "name": "ResolveTCPAddr"
                },
                {
                  "name": "ResolveUDPAddr"
                },
                {
                  "name": "Resolver.LookupAddr"
                },
                {
                  "name": "Resolver.LookupCNAME"
                },
                {
                  "name": "Resolver.LookupHost"
                },
                {
                  "name": "Resolver.LookupIP"
                },
                {
                  "name": "Resolver.LookupIPAddr"
                },
                {
                  "name": "Resolver.LookupMX"
                },
                {
                  "name": "Resolver.LookupNS"
                },
                {
                  "name": "Resolver.LookupNetIP"
                },
                {
                  "name": "Resolver.LookupPort"
                },
                {
                  "name": "Resolver.LookupSRV"
                },
                {
                  "name": "Resolver.LookupTXT"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-248: Uncaught Exception",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:18.300Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/79006"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://go.dev/cl/775320"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4971"
            }
          ],
          "title": "Panic in Dial and LookupPort when handling NUL byte on Windows in net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-39836",
        "datePublished": "2026-05-07T19:41:18.300Z",
        "dateReserved": "2026-04-07T18:13:03.529Z",
        "dateUpdated": "2026-05-08T21:30:15.127Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33814 (GCVE-0-2026-33814)

    Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-02 12:05
    VLAI
    Title
    Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
    Summary
    When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    Go
    Impacted products
    Vendor Product Version
    golang.org/x/net golang.org/x/net/http2 Affected: 0 , < 0.53.0 (semver)
    Create a notification for this product.
    Go standard library net/http Affected: 0 , < 1.25.10 (semver)
    Affected: 1.26.0-0 , < 1.26.3 (semver)
    Create a notification for this product.
    Red Hat Cluster Observability Operator 1.5.0     cpe:/a:redhat:cluster_observability_operator:1.5::el9
    Create a notification for this product.
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.0     cpe:/a:redhat:service_mesh:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.1     cpe:/a:redhat:service_mesh:3.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.2     cpe:/a:redhat:service_mesh:3.2::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Service Mesh 3.3     cpe:/a:redhat:service_mesh:3.3::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
    Create a notification for this product.
    Credits
    Marwan Atia (marwansamir688@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33814",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T18:00:53.951676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T18:01:02.989Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:cluster_observability_operator:1.5::el9"
                ],
                "defaultStatus": "affected",
                "product": "Cluster Observability Operator 1.5.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.0::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:3.3::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Service Mesh 3.3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:container_native_virtualization:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Virtualization 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:service_mesh:2"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Service Mesh 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-07T19:41:17.631Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-606",
                    "description": "Unchecked Input for Loop Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-02T12:05:19.070Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-33814"
              },
              {
                "name": "RHBZ#2467815",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34342"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23262"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23264"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33120"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33123"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33142"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33150"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23262: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23264: Red Hat Hardened Images"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-07T20:01:11.324Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-07T19:41:17.631Z",
                "value": "Made public."
              }
            ],
            "title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "golang.org/x/net/http2",
              "product": "golang.org/x/net/http2",
              "programRoutines": [
                {
                  "name": "clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "Transport.RoundTripOpt"
                },
                {
                  "name": "clientConnPool.GetClientConn"
                },
                {
                  "name": "noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "golang.org/x/net",
              "versions": [
                {
                  "lessThan": "0.53.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "net/http",
              "product": "net/http",
              "programRoutines": [
                {
                  "name": "http2clientConnReadLoop.processSettingsNoWrite"
                },
                {
                  "name": "Client.CloseIdleConnections"
                },
                {
                  "name": "Client.Do"
                },
                {
                  "name": "Client.Get"
                },
                {
                  "name": "Client.Head"
                },
                {
                  "name": "Client.Post"
                },
                {
                  "name": "Client.PostForm"
                },
                {
                  "name": "ClientConn.Close"
                },
                {
                  "name": "ClientConn.RoundTrip"
                },
                {
                  "name": "Get"
                },
                {
                  "name": "Head"
                },
                {
                  "name": "Post"
                },
                {
                  "name": "PostForm"
                },
                {
                  "name": "Transport.CloseIdleConnections"
                },
                {
                  "name": "Transport.NewClientConn"
                },
                {
                  "name": "Transport.RoundTrip"
                },
                {
                  "name": "http1ClientConn.Close"
                },
                {
                  "name": "http1ClientConn.RoundTrip"
                },
                {
                  "name": "http2Transport.NewClientConn"
                },
                {
                  "name": "http2Transport.RoundTrip"
                },
                {
                  "name": "http2Transport.RoundTripOpt"
                },
                {
                  "name": "http2clientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialClientConnPool.GetClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.NewClientConn"
                },
                {
                  "name": "http2noDialH2RoundTripper.RoundTrip"
                },
                {
                  "name": "http2unencryptedTransport.RoundTrip"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.25.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.26.3",
                  "status": "affected",
                  "version": "1.26.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Marwan Atia (marwansamir688@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T19:41:17.631Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/761581"
            },
            {
              "url": "https://go.dev/cl/761640"
            },
            {
              "url": "https://go.dev/issue/78476"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4918"
            }
          ],
          "title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2026-33814",
        "datePublished": "2026-05-07T19:41:17.631Z",
        "dateReserved": "2026-03-23T20:35:32.814Z",
        "dateUpdated": "2026-07-02T12:05:19.070Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    VAR-202310-0175

    Vulnerability from variot - Updated: 2026-04-10 22:02

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-5540-1 security@debian.org https://www.debian.org/security/ Markus Koschany October 30, 2023 https://www.debian.org/security/faq


    Package : jetty9 CVE ID : CVE-2023-36478 CVE-2023-44487

    Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. This problem is also known as Rapid Reset Attack.

    For the oldstable distribution (bullseye), these problems have been fixed in version 9.4.50-4+deb11u1.

    For the stable distribution (bookworm), these problems have been fixed in version 9.4.50-4+deb12u2.

    We recommend that you upgrade your jetty9 packages.

    For the detailed security status of jetty9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jetty9

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVABttfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTJ2g/9E8TKXU1Mko9WhumkvRQNsYxAM43L/gmYMRm4JEqhqpjHHZECJIOAVyxs uN0uE13T+JckplIAhfdsZgbmDDNjASyFWv9OfOdf2h4Y9ZhoXP22MXI2MjKb9MSH KfmPtX4S95UyF/Ty0kK17W63p4EvtNlcgRokx5yFpUF/rN72GXVx25W6WQ1pSHrJ ESJMqOr8d3Wn5/4yaPEunQrvPa4WkQSTv8nHAIxIenP3wiNuK2tZWN6GCAdbirQp MWt282W/ueGcRDq8UJB2tWkxqx8CNnqeIeh0LpaSZRbaf62DChtyj+5OnYyhwBTk 1mhwuveCFtNzRQyHRBrOrVWRAG43ktSyEYG90Il9iDchQROi0sJkQFVB0TXG6FnC hIFBcPw9VW5+7I+4gxexhpguq/SXZV9V9QH+jSeEBOgdKY/qX0farjElmhgFLRuS /weJAqnc9C6w4BB7gnE9ow4nbGqKqMEj1yoO8itMhCWBCaEIia0INpao7pfpf/9r KekLFoi6Gux0gqVMhhBw3latxW9zth93tNEeuuGb+kP/TDreBVkZnqrYVbtj49Wv IMX77Q8OB/TDQ8K5cEq05wcq59TIkAaVKGrP3sXsjbt4umbkjhbp8Oxv+chMOgPQ E8ThC0Q+lbZ4nth0vw2R93ObMfzlxZN2YJUqKf3aw/yAKd8YIys=CO/+ -----END PGP SIGNATURE----- .

    Description:

    Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This could result in denial of service.

    Description:

    nghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C.

    Description:

    Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

    Description:

    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

    New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23.

    The following advisory data is extracted from:

    https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7481.json

    Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

    • Packet Storm Staff

    ==================================================================== Red Hat Security Advisory

    Synopsis: Important: OpenShift Container Platform 4.11.54 packages and security update Advisory ID: RHSA-2023:7481-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:7481 Issue date: 2023-11-29 Revision: 01 CVE Names: CVE-2023-44487 ====================================================================

    Summary:

    Red Hat OpenShift Container Platform release 4.11.54 is now available with updates to packages and images that fix several bugs and add enhancements.

    This release includes a security update for Red Hat OpenShift Container Platform 4.11.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    Description:

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.54. See the following advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2023:7479

    Security Fix(es):

    • HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

    Solution:

    https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

    CVEs:

    CVE-2023-44487

    References:

    https://access.redhat.com/security/updates/classification/#important https://bugzilla.redhat.com/show_bug.cgi?id=2242803

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202408-10


                                           https://security.gentoo.org/
    

    Severity: Normal Title: nghttp2: Multiple Vulnerabilities Date: August 07, 2024 Bugs: #915554, #928541 ID: 202408-10


    Synopsis

    Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service.

    Background

    Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C.

    Affected packages

    Package Vulnerable Unaffected


    net-libs/nghttp2 < 1.61.0 >= 1.61.0

    Description

    Multiple vulnerabilities have been discovered in nghttp2. Please review the CVE identifiers referenced below for details.

    Impact

    Please review the referenced CVE identifiers for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All nghttp2 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/nghttp2-1.61.0"

    References

    [ 1 ] CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 [ 2 ] CVE-2024-28182 https://nvd.nist.gov/vuln/detail/CVE-2024-28182

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/202408-10

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    https://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "node healthcheck operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "secure dynamic attributes connector",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.2.0"
          },
          {
            "_id": null,
            "model": "varnish cache",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "varnish cache",
            "version": "2023-10-10"
          },
          {
            "_id": null,
            "model": "decision manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "nginx plus",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r29"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "build of quarkus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "netty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netty",
            "version": "4.1.100"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "cost management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.2\\(7\\)"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.5.0"
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.0"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "kong gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "konghq",
            "version": "3.4.2"
          },
          {
            "_id": null,
            "model": "traffic server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.0"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "openshift virtualization",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "jboss enterprise application platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "nginx ingress controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "integration camel k",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "integration service registry",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "migration toolkit for applications",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "solr",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.4.0"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "iot field network director",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.11.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "openshift distributed tracing",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.6"
          },
          {
            "_id": null,
            "model": "cbl-mariner",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2023-10-11"
          },
          {
            "_id": null,
            "model": "asp.net core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.23"
          },
          {
            "_id": null,
            "model": "big-ip next",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "20.0.1"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise - live data server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.6.2"
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(5\\)"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "caddy",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "caddyserver",
            "version": "2.7.5"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "expressway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "x14.3.3"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "nghttp2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nghttp2",
            "version": "1.57.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "openshift pipelines",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "unified contact center domain manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "openshift secondary scheduler operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "grpc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.58.0"
          },
          {
            "_id": null,
            "model": "swiftnio http\\/2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.28.0"
          },
          {
            "_id": null,
            "model": "openshift dev spaces",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "windows 10 21h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.19044.3570"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "opensearch data prepper",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "amazon",
            "version": "2.5.0"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "x14.3.3"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "advanced cluster security",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "business process automation",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.2.003.009"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "enterprise chat and email",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.12.5"
          },
          {
            "_id": null,
            "model": "service interconnect",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "machine deletion remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "satellite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.7.5"
          },
          {
            "_id": null,
            "model": "windows 11 21h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.22000.2538"
          },
          {
            "_id": null,
            "model": "traefik",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "traefik",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "single sign-on",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "ios xr",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.11.2"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "ultra cloud core - serving gateway function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.02.0"
          },
          {
            "_id": null,
            "model": "secure malware analytics",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.19.2"
          },
          {
            "_id": null,
            "model": "self node remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "jboss enterprise application platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "37"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.80"
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.4\\(1\\)"
          },
          {
            "_id": null,
            "model": "cryostat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "oncommand insight",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "nginx plus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r29"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "20.8.1"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "38"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.6.8"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "grpc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.59.2"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "openshift api for data protection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "integration camel for spring boot",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "istio",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.18.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "support for spring boot",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "prime infrastructure",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.10.4"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.5.93"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "nginx plus",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r25"
          },
          {
            "_id": null,
            "model": "web terminal",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.4\\(2\\)"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "ceph storage",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "proxygen",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "facebook",
            "version": "2023.10.16.00"
          },
          {
            "_id": null,
            "model": ".net",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "nx-os",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(1\\)"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "firepower threat defense",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.4.2"
          },
          {
            "_id": null,
            "model": "traffic server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "istio",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.19.0"
          },
          {
            "_id": null,
            "model": "http2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "0.17.0"
          },
          {
            "_id": null,
            "model": "windows 10 1607",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.14393.6351"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "crosswork zero touch provisioning",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "traffic server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.0.0"
          },
          {
            "_id": null,
            "model": "windows server 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "node maintenance operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "networking",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "0.17.0"
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.14.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "grpc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.57.0"
          },
          {
            "_id": null,
            "model": ".net",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.12"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "run once duration override operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip next service proxy for kubernetes",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.8.2"
          },
          {
            "_id": null,
            "model": "grpc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.56.3"
          },
          {
            "_id": null,
            "model": "windows 10 22h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.19045.3570"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "10.1.13"
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.7"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "advanced cluster management for kubernetes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "advanced cluster security",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "openresty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "openresty",
            "version": "1.21.4.3"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "asp.net core",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "windows 10 1809",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.17763.4974"
          },
          {
            "_id": null,
            "model": "prime cable provisioning",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.14.1"
          },
          {
            "_id": null,
            "model": "service telemetry framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "windows server 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "crosswork data gateway",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.0.0"
          },
          {
            "_id": null,
            "model": "jboss fuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "contour",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "projectcontour",
            "version": "2023-10-11"
          },
          {
            "_id": null,
            "model": ".net",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "traffic server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.1.9"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "nginx plus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r30"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "grpc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.58.3"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "certification for red hat enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.17.6"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "openshift service mesh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "data center network manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "jboss core services",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "openshift sandboxed containers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "jenkins",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "jenkins",
            "version": "2.427"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "jboss data grid",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "20.0.0"
          },
          {
            "_id": null,
            "model": "azure kubernetes service",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2023-10-08"
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "9.4.53"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "process automation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "nginx",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.9.5"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "logging subsystem for red hat openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.24.10"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.27.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "crosswork situation manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "ultra cloud core - policy control function",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.01.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.18.3"
          },
          {
            "_id": null,
            "model": "connected mobile experiences",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.19.1"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "asp.net core",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "jboss a-mq streams",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "18.18.2"
          },
          {
            "_id": null,
            "model": "openshift container platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "crosswork data gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "10.0.17"
          },
          {
            "_id": null,
            "model": "jboss fuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "12.0.2"
          },
          {
            "_id": null,
            "model": "3scale api management platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ansible automation platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "go",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.21.3"
          },
          {
            "_id": null,
            "model": "traefik",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "traefik",
            "version": "2.10.5"
          },
          {
            "_id": null,
            "model": "openshift gitops",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "asp.net core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.12"
          },
          {
            "_id": null,
            "model": "go",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.21.0"
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "11.0.17"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "nginx",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.25.2"
          },
          {
            "_id": null,
            "model": "windows server 2022",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": ".net",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.23"
          },
          {
            "_id": null,
            "model": "jboss a-mq",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.2.20"
          },
          {
            "_id": null,
            "model": "nginx ingress controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.0.0"
          },
          {
            "_id": null,
            "model": "ultra cloud core - session management function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.02.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "ultra cloud core - policy control function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.01.0"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "17.1"
          },
          {
            "_id": null,
            "model": "network observability operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.4.12"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "18.0.0"
          },
          {
            "_id": null,
            "model": "http",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ietf",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "crosswork data gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "openshift developer tools and services",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.26.4"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "fence agents remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "unified attendant console advanced",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "http2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "kazu yamamoto",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "ios xe",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "17.15.1"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip next service proxy for kubernetes",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "fog director",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.22"
          },
          {
            "_id": null,
            "model": "certification for red hat enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "quay",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "go",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.20.10"
          },
          {
            "_id": null,
            "model": "migration toolkit for virtualization",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "prime access registrar",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "windows 11 22h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.22621.2428"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "cert-manager operator for red hat openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "migration toolkit for containers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "openshift data science",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "h2o",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "dena",
            "version": "2023-10-10"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "nginx ingress controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.4.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "akka",
            "version": "10.5.3"
          },
          {
            "_id": null,
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "_id": null,
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.13.1"
          },
          {
            "_id": null,
            "model": "jenkins",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "jenkins",
            "version": "2.414.2"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.13.0"
          },
          {
            "_id": null,
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "_id": null,
            "model": "openshift container platform assisted installer",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "_id": null,
            "model": "astra control center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "_id": null,
            "model": "secure web appliance",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "15.1.0"
          },
          {
            "_id": null,
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.25.9"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "apisix",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "3.6.1"
          },
          {
            "_id": null,
            "model": "openshift serverless",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.4"
          },
          {
            "_id": null,
            "model": "nginx ingress controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "3.3.0"
          },
          {
            "_id": null,
            "model": "armeria",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "linecorp",
            "version": "1.26.0"
          },
          {
            "_id": null,
            "model": "unified contact center management portal",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip fraud protection service",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "_id": null,
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "_id": null,
            "model": "build of optaplanner",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "_id": null,
            "model": "linkerd",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.12.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "12.0"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175270"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175179"
          },
          {
            "db": "PACKETSTORM",
            "id": "175159"
          },
          {
            "db": "PACKETSTORM",
            "id": "175970"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2023-44487",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2023-44487",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2023-44487",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2023-44487",
                "trust": 1.0,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5540-1                   security@debian.org\nhttps://www.debian.org/security/                          Markus Koschany\nOctober 30, 2023                      https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : jetty9\nCVE ID         : CVE-2023-36478 CVE-2023-44487\n\nTwo remotely exploitable security vulnerabilities were discovered in Jetty 9, a\nJava based web server and servlet engine. The HTTP/2 protocol implementation\ndid not sufficiently verify if HPACK header values exceed their size limit. This\nproblem is also known as Rapid Reset Attack. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 9.4.50-4+deb11u1. \n\nFor the stable distribution (bookworm), these problems have been fixed in\nversion 9.4.50-4+deb12u2. \n\nWe recommend that you upgrade your jetty9 packages. \n\nFor the detailed security status of jetty9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jetty9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVABttfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeTJ2g/9E8TKXU1Mko9WhumkvRQNsYxAM43L/gmYMRm4JEqhqpjHHZECJIOAVyxs\nuN0uE13T+JckplIAhfdsZgbmDDNjASyFWv9OfOdf2h4Y9ZhoXP22MXI2MjKb9MSH\nKfmPtX4S95UyF/Ty0kK17W63p4EvtNlcgRokx5yFpUF/rN72GXVx25W6WQ1pSHrJ\nESJMqOr8d3Wn5/4yaPEunQrvPa4WkQSTv8nHAIxIenP3wiNuK2tZWN6GCAdbirQp\nMWt282W/ueGcRDq8UJB2tWkxqx8CNnqeIeh0LpaSZRbaf62DChtyj+5OnYyhwBTk\n1mhwuveCFtNzRQyHRBrOrVWRAG43ktSyEYG90Il9iDchQROi0sJkQFVB0TXG6FnC\nhIFBcPw9VW5+7I+4gxexhpguq/SXZV9V9QH+jSeEBOgdKY/qX0farjElmhgFLRuS\n/weJAqnc9C6w4BB7gnE9ow4nbGqKqMEj1yoO8itMhCWBCaEIia0INpao7pfpf/9r\nKekLFoi6Gux0gqVMhhBw3latxW9zth93tNEeuuGb+kP/TDreBVkZnqrYVbtj49Wv\nIMX77Q8OB/TDQ8K5cEq05wcq59TIkAaVKGrP3sXsjbt4umbkjhbp8Oxv+chMOgPQ\nE8ThC0Q+lbZ4nth0vw2R93ObMfzlxZN2YJUqKf3aw/yAKd8YIys=CO/+\n-----END PGP SIGNATURE-----\n. \n\n\n\n\nDescription:\n\nRed Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This could result\nin denial of service. \n\n\n\n\nDescription:\n\nnghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. \n\n\n\n\nDescription:\n\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\n\n\n\nDescription:\n\n.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. \n\nThe following advisory data is extracted from:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7481.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. \n\n- Packet Storm Staff\n\n\n\n\n====================================================================\nRed Hat Security Advisory\n\nSynopsis:           Important: OpenShift Container Platform 4.11.54 packages and security update\nAdvisory ID:        RHSA-2023:7481-01\nProduct:            Red Hat OpenShift Enterprise\nAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7481\nIssue date:         2023-11-29\nRevision:           01\nCVE Names:          CVE-2023-44487\n====================================================================\n\nSummary: \n\nRed Hat OpenShift Container Platform release 4.11.54 is now available with updates to packages and images that fix several bugs and add enhancements. \n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.11. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. \n\n\n\n\nDescription:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. \n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.54. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:7479\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS\nattack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html\n\n\nSolution:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\n\n\nCVEs:\n\nCVE-2023-44487\n\nReferences:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2242803\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202408-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: nghttp2: Multiple Vulnerabilities\n     Date: August 07, 2024\n     Bugs: #915554, #928541\n       ID: 202408-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in nghttp2, the worst of\nwhich could lead to a denial of service. \n\nBackground\n==========\n\nNghttp2 is an implementation of HTTP/2 and its header compression\nalgorithm HPACK in C. \n\nAffected packages\n=================\n\nPackage           Vulnerable    Unaffected\n----------------  ------------  ------------\nnet-libs/nghttp2  \u003c 1.61.0      \u003e= 1.61.0\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in nghttp2. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll nghttp2 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-libs/nghttp2-1.61.0\"\n\nReferences\n==========\n\n[ 1 ] CVE-2023-44487\n      https://nvd.nist.gov/vuln/detail/CVE-2023-44487\n[ 2 ] CVE-2024-28182\n      https://nvd.nist.gov/vuln/detail/CVE-2024-28182\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202408-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          },
          {
            "db": "PACKETSTORM",
            "id": "175650"
          },
          {
            "db": "PACKETSTORM",
            "id": "175437"
          },
          {
            "db": "PACKETSTORM",
            "id": "175270"
          },
          {
            "db": "PACKETSTORM",
            "id": "176035"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175179"
          },
          {
            "db": "PACKETSTORM",
            "id": "175159"
          },
          {
            "db": "PACKETSTORM",
            "id": "175970"
          },
          {
            "db": "PACKETSTORM",
            "id": "179956"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487",
            "trust": 1.9
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/19/6",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/10/6",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/20/8",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/18/4",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/10/7",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/18/8",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/13/4",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/13/9",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/08/13/6",
            "trust": 1.0
          },
          {
            "db": "PACKETSTORM",
            "id": "175650",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175437",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175270",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "176035",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175126",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175179",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175159",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175970",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "179956",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175650"
          },
          {
            "db": "PACKETSTORM",
            "id": "175437"
          },
          {
            "db": "PACKETSTORM",
            "id": "175270"
          },
          {
            "db": "PACKETSTORM",
            "id": "176035"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175179"
          },
          {
            "db": "PACKETSTORM",
            "id": "175159"
          },
          {
            "db": "PACKETSTORM",
            "id": "175970"
          },
          {
            "db": "PACKETSTORM",
            "id": "179956"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "id": "VAR-202310-0175",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.38473925200000003
      },
      "last_update_date": "2026-04-10T22:02:50.262000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-400",
            "trust": 1.0
          },
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
          },
          {
            "trust": 1.0,
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nodejs/node/pull/50121"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kubernetes/kubernetes/pull/121120"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/dotnet/announcements/issues/277"
          },
          {
            "trust": 1.0,
            "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
          },
          {
            "trust": 1.0,
            "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/haproxy/haproxy/issues/2312"
          },
          {
            "trust": 1.0,
            "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
          },
          {
            "trust": 1.0,
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/envoyproxy/envoy/pull/30055"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
          },
          {
            "trust": 1.0,
            "url": "https://blog.vespa.ai/cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kazu-yamamoto/http2/issues/93"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-qppj-fm5r-hxr3"
          },
          {
            "trust": 1.0,
            "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/grpc/grpc-go/pull/6703"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5558"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/h2o/h2o/pull/3291"
          },
          {
            "trust": 1.0,
            "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/"
          },
          {
            "trust": 1.0,
            "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
          },
          {
            "trust": 1.0,
            "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/bcdannyboy/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/ninenines/cowboy/issues/1615"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/facebook/proxygen/pull/466"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
          },
          {
            "trust": 1.0,
            "url": "https://netty.io/news/2023/10/10/4-1-100-final.html"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37830987"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/akka/akka-http/issues/4323"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37830998"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5540"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-vx74-f528-fxqg"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37831062"
          },
          {
            "trust": 1.0,
            "url": "https://ubuntu.com/security/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/httpd-site/pull/10"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/golang/go/issues/63417"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/"
          },
          {
            "trust": 1.0,
            "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/"
          },
          {
            "trust": 1.0,
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-xpw8-rcwv-8f8p"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/"
          },
          {
            "trust": 1.0,
            "url": "https://security.paloaltonetworks.com/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/trafficserver/pull/10564"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
          },
          {
            "trust": 1.0,
            "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37837043"
          },
          {
            "trust": 1.0,
            "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/projectcontour/contour/pull/5826"
          },
          {
            "trust": 1.0,
            "url": "https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html"
          },
          {
            "trust": 1.0,
            "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
          },
          {
            "trust": 1.0,
            "url": "https://www.phoronix.com/news/http2-rapid-reset-attack"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kong/kong/discussions/11741"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5549"
          },
          {
            "trust": 1.0,
            "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/"
          },
          {
            "trust": 1.0,
            "url": "https://groups.google.com/g/golang-announce/c/innxdtcjzvo"
          },
          {
            "trust": 1.0,
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
          },
          {
            "trust": 1.0,
            "url": "https://security.gentoo.org/glsa/202311-09"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/micrictor/http2-rst-stream"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/"
          },
          {
            "trust": 1.0,
            "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/etcd-io/etcd/issues/16740"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/arkrwn/poc/tree/main/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/"
          },
          {
            "trust": 1.0,
            "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/"
          },
          {
            "trust": 1.0,
            "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/microsoft/cbl-mariner/pull/6381"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
          },
          {
            "trust": 1.0,
            "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/"
          },
          {
            "trust": 1.0,
            "url": "https://my.f5.com/manage/s/article/k000137106"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          },
          {
            "trust": 1.0,
            "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/eclipse/jetty.project/issues/10679"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/apisix/issues/10320"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5521"
          },
          {
            "trust": 1.0,
            "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/line/armeria/pull/5232"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/openresty/openresty/issues/930"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/caddyserver/caddy/issues/5877"
          },
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-http2-reset-d8kf32vz"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/alibaba/tengine/issues/1872"
          },
          {
            "trust": 1.0,
            "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/"
          },
          {
            "trust": 1.0,
            "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5522"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/"
          },
          {
            "trust": 1.0,
            "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
          },
          {
            "trust": 1.0,
            "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
          },
          {
            "trust": 1.0,
            "url": "https://aws.amazon.com/security/security-bulletins/aws-2023-011/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/azure/aks/issues/3947"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nghttp2/nghttp2/pull/1961"
          },
          {
            "trust": 1.0,
            "url": "https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
          },
          {
            "trust": 1.0,
            "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5570"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-44487"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2023-003"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.3,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.3,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-33934"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-47185"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/trafficserver"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-41752"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-39456"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-36478"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/jetty9"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5973"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5973.json"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/nghttp2"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5766"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5766.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5840.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5707"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5707.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7481.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:7479"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:7481"
          },
          {
            "trust": 0.1,
            "url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
          },
          {
            "trust": 0.1,
            "url": "https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-28182"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/glsa/202408-10"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://creativecommons.org/licenses/by-sa/2.5"
          }
        ],
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175650"
          },
          {
            "db": "PACKETSTORM",
            "id": "175437"
          },
          {
            "db": "PACKETSTORM",
            "id": "175270"
          },
          {
            "db": "PACKETSTORM",
            "id": "176035"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175179"
          },
          {
            "db": "PACKETSTORM",
            "id": "175159"
          },
          {
            "db": "PACKETSTORM",
            "id": "175970"
          },
          {
            "db": "PACKETSTORM",
            "id": "179956"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "PACKETSTORM",
            "id": "175650",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175437",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175270",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "176035",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175126",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175179",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175159",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "175970",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "179956",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-11-13T22:11:28",
            "db": "PACKETSTORM",
            "id": "175650",
            "ident": null
          },
          {
            "date": "2023-10-31T13:13:14",
            "db": "PACKETSTORM",
            "id": "175437",
            "ident": null
          },
          {
            "date": "2023-10-23T14:26:00",
            "db": "PACKETSTORM",
            "id": "175270",
            "ident": null
          },
          {
            "date": "2023-12-04T13:45:34",
            "db": "PACKETSTORM",
            "id": "176035",
            "ident": null
          },
          {
            "date": "2023-10-17T15:39:55",
            "db": "PACKETSTORM",
            "id": "175126",
            "ident": null
          },
          {
            "date": "2023-10-18T16:28:09",
            "db": "PACKETSTORM",
            "id": "175179",
            "ident": null
          },
          {
            "date": "2023-10-18T16:22:55",
            "db": "PACKETSTORM",
            "id": "175159",
            "ident": null
          },
          {
            "date": "2023-11-29T12:44:32",
            "db": "PACKETSTORM",
            "id": "175970",
            "ident": null
          },
          {
            "date": "2024-08-07T14:45:35",
            "db": "PACKETSTORM",
            "id": "179956",
            "ident": null
          },
          {
            "date": "2023-10-10T14:15:10.883000",
            "db": "NVD",
            "id": "CVE-2023-44487",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2025-11-07T19:00:41.810000",
            "db": "NVD",
            "id": "CVE-2023-44487",
            "ident": null
          }
        ]
      },
      "title": {
        "_id": null,
        "data": "Debian Security Advisory 5549-1",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175650"
          }
        ],
        "trust": 0.1
      },
      "type": {
        "_id": null,
        "data": "info disclosure",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175650"
          }
        ],
        "trust": 0.1
      }
    }